27
It's probably some automated block on the VPN provider's part, but there is the ever so small chance that they have a misconfigured DNS server that ignored the TTL on the A record and is still trying to ping the old IP.
What reason would a VPN have to block websites? Usually it's the websites blocking the VPNs.
It could be propagation, and it could also be the VPN itself being blacklisted - I don't think it's uncommon for commercial hosting services to blacklist VPN subnet blocks depending on the reputation of the VPN.
Could maybe try a traceroute from the VPS to your VPN IP
Traceroute can't reach my VPN endpoint but neither can it reach my bare home IP because I'm behind a CGNAT.
I didn't change hosting providers with my IP; they moved me to an IP block with a "cleaner" reputation at my request. Would the provider block a VPN from some of its subnets but not others?
It's possible, it's also possible that you got IP blocked temporarily for suspicious behavior but that would entirely depend on how your provider works
I just opened a ticket. We'll see what they say.
Would it be unusual for a VPN provider to block access to subnets? That's not how things work, right?
Yeah, I agree that it doesn't seem very likely that the VPN is blocking any subnets
2 days says to me not DNS propagation
https://protonvpn.com/features/adblocker could be this or another one of Proton's "protection" features (okay scare quotes is a little harsh but I kinda start to roll my eyes with that type of stuff)
I connect by OpenVPN instead of the app, so I don't think I'm using that feature.
well you can rule out DNS issues by making sure it resolves properly using command line tools like dig. traceroute is hard to use on a lot of modern networks but a simple ping is still usable, or something like netcat or curl to rule out browser shenanigans
I have actually had some weird issues like this too, where I seemingly couldn't reach hexbear from my former VPN provider at one point, but it eventually recovered, so maybe bad peering/blocking due to abuse going on from either the VPS provider or the VPN provider? But it was very annoying to troubleshoot and not that big of a deal so I don't think I ever found a smoking gun
traceroute is hard to use on a lot of modern networks
Is that why most of the hops come back as * * *?
yeah
the internet was not designed for NAT, and it was not designed for ICMP to be disabled lol
Is your VPN configured to use the domain name of your VPS or the IP?
I type the domain name into the browser and it uses protonVPN's nameservers to get the IP afaik.
Ah okay so your VPS isn't the VPN gateway, you're using protonVPN's. If you do a dig or nslookup against their DNS servers you cam confirm if their records are updated. If they are then I would guess like others in the thread suggested it's something on Proton's side
I forget how to use it properly off the top of my head, but nslookup should be able to tell you what the dns lookup looks like and where the mismatch is coming from.
this post was submitted on 10 Jun 2024
27 points (100.0% liked)
technology
23313 readers
123 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 4 years ago
MODERATORS