Question

Locked

ISP Block Some Web Sites

By alashhar ·
in Libya, there is only one ISP and recently it has blocked some web sites such as youtube due to ??????? reasons. anyway some my friends have found a solution which change ISP DNS IP Address to Google DNS IP Address (8.8.8. or OpenDNS (208.67.222.222). it is working fine with them,now they can open youtube and other blocked sites. but for me it is not working.

my internet connection statue:

(1)i have Wimax Internet contract
(2)i have Wimax Huawei Internet Gateway
(3)i do not have static IP Address, ISP provides dynamic IP addresses
configuration

Note:
i have changed IP address configuration in Windows XP to google DNS addresses because there is no option in my Gateway to write manually DNS IP address, i have to write all IP addresses Configuration, which cause the Internet stop working.

anybody can give me logic reason ????

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Right.

by seanferd In reply to Maybe...

If you are being blocked by DPI or some other comprehensive method, it is unlikely changing DNS servers will help - you may never even reach them if all DNS traffic is redirected anyway.

I'm a bit confused about "splitting DNS requests". I'll just throw some info out which may or may not cover what you meant by this. But it may be handy for anyone else who reads it.

You don't want to use different DNS services together, though, if you use OpenDNS, if you use its additional features.

Yes, some router firmware (or open source replacement firmware available for some routers) can force DNS to TCP, to a different port, or to a particular server, regardless as to what is configured in TCP/IP on the computer. But normally, computer settings will override router settings. So if DNS is configured on the router, the computer should be pointing to the router's DNS address (usually its LAN address).

Collapse -

more explain

by alashhar In reply to Not entirely correct.

i would like to explain that the problem is from my Wimax gateway device!
the ISP has provided different wimax gateway devices during last year, in all previous gateway devices do not force their users to use the ISP DNS servers, so their users change the DNS addresses in their windows the result they can access to all blocked web sites without any problem.

To Seanferd
"No, not unless you leave the gateway address in the DNS list. You can break local name resolution by doing this, in fact"
in my wimax gateway or router there is no option to just write DNS address only, it enforces me to write IP address + Subnetmask + Gateway address+ DNS address.

Collapse -

OK

by seanferd In reply to more explain

"in my wimax gateway or router there is no option to just write DNS address only, it enforces me to write IP address + Subnetmask + Gateway address+ DNS address."

This sounds like you are in the LAN configuration. You need to do it in WAN/Internet configuration. And yes, some routers do not have separate settings for static DNS.

In that case, just configure on the computers. But, if you connect between computers in your home to share files, etc., or use a network printer, these will not be reachable by name (at least when using OpenDNS, without setting typo/vpn exceptions) but will be reachable by IP address.

Also, setting static IP addresses is not hard, and subnet mask is always the same 255.255.255.0 Just look at the current computer IP, assign it statically, same for next computer but add 1 to last digit of address.

Collapse -

Trace DNS resolution

by alashhar In reply to ISP Block Some Web Sites

i think to diagnose my problem, i have to trace the DNS resolution in order to know if my wimax gateway enforce me to use ISP DNS or not?

please i need your help guys

Collapse -

Open a cmd prompt

by IC-IT In reply to Trace DNS resolution

and type
nslookup
That will return the DNS server and it's IP address.

If you type in a web address it will return the DNS server/address plus the address (ess) of the site plus any aliases

Collapse -

Test for forced DNS

by seanferd In reply to Trace DNS resolution

nslookup -type=txt which.opendns.com. 208.67.222.222

If you do not get an OpenDNS server, your DNS is forced/blocked somewhere. Post the result.

To see if you can use TCP when UDP is forced only:

nslookup -vc -type=txt which.opendns.com. 208.67.222.222

Collapse -

Seanferd

by santeewelding In reply to Test for forced DNS

I fear for you.

People in sunglasses wearing black leather coats may show up at your door.

Collapse -

here the result

by alashhar In reply to Test for forced DNS

nslookup -type=txt which.opendns.com. 208.67.222.222

Server: resolver1.opendns.com
Address: 208.67.222.222

Non-authoritative answer:
which.opendns.com text =

"I am not an OpenDNS resolver."

opendns.com nameserver = auth2.opendns.com
opendns.com nameserver = auth3.opendns.com
opendns.com nameserver = auth1.opendns.com
auth1.opendns.com internet address = 208.69.39.2
auth2.opendns.com internet address = 67.215.68.68
auth3.opendns.com internet address = 208.69.39.2

Collapse -

Wimax Gateway configuration snapshots

by alashhar In reply to Test for forced DNS

WAN Statue:
shows ISP IP addresses statue
http://www.4shared.com/file/219619207/a8f00931/WAN_Status.html

Basic Config DHCP Or Static: options to change the WAN IP configuration

http://www.4shared.com/file/219619058/46bc348b/DHCP_IP_WAN_Basic.html

http://www.4shared.com/file/21961****/9217a914/Static_IP_WAN_Basic.html

Advanced Configuration:
NAT Configuration

http://www.4shared.com/file/219619099/9d0e4b11/NAT_WAN_Adva.html

i hope these snapshots will help you to find out the problem

many thanks to all

Collapse -

Have you tried it this way?

by IC-IT In reply to Wimax Gateway configurati ...

Taken from page 1-3 of the manual.

Configuring the Static IP Routing Mode
Step 1 In the navigation tree, choose Basic > WAN, and then click the WAN tab.
Step 2 Select Route from Mode.
Step 3 Select Static Get static IP address from ISP.
Step 4 Select a NAT type.
The NAT function is enabled to facilitate translation of IP addresses, Through NAT, the host
IP address of a LAN can be effectively hidden. Thus, the security of the intranet is ensured.
Two NAT types are available:
NAPT
Cone NAT
Step 5 Enter the IP address in the IP Address text box.
Step 6 Enter the subnet mask in the Subnet Mask text box.
Step 7 Enter the default gateway in the Default Gateway text box.
Step 8 Enter the IP address of the primary domain name server (DNS) in the Primary DNS
Server text box.
Step 9 Enter the IP address of the secondary DNS in the Secondary DNS Server text box.
IP Address, Subnet Mask, Default Gateway, Primary DNS Server, Secondary DNS
Server are provided by the carrier.
Step 10 Click Apply.
----End

In the primary and secondary enter the open dns server addressess.

Related Discussions

Related Forums