27
submitted 1 year ago* (last edited 1 year ago) by TankieTanuki@hexbear.net to c/technology@hexbear.net

Maybe one of you hogs knows what's up.

I got a new IP address for my VPS and updated the DNS A record accordingly. That was two days ago and I still get an "unable to connect" error when trying to access TankieTube through protonVPN.

However, if I drop the VPN everything works. This is the case with both Firefox and Chrome.

Does this have to do with DNS propagation?

all 16 comments
sorted by: hot top controversial new old
[-] DefinitelyNotAPhone@hexbear.net 15 points 1 year ago

It's probably some automated block on the VPN provider's part, but there is the ever so small chance that they have a misconfigured DNS server that ignored the TTL on the A record and is still trying to ping the old IP.

[-] TankieTanuki@hexbear.net 6 points 1 year ago

What reason would a VPN have to block websites? Usually it's the websites blocking the VPNs.

[-] nat_turner_overdrive@hexbear.net 11 points 1 year ago* (last edited 1 year ago)

It could be propagation, and it could also be the VPN itself being blacklisted - I don't think it's uncommon for commercial hosting services to blacklist VPN subnet blocks depending on the reputation of the VPN.

Could maybe try a traceroute from the VPS to your VPN IP

[-] TankieTanuki@hexbear.net 3 points 1 year ago* (last edited 1 year ago)

Traceroute can't reach my VPN endpoint but neither can it reach my bare home IP because I'm behind a CGNAT.

I didn't change hosting providers with my IP; they moved me to an IP block with a "cleaner" reputation at my request. Would the provider block a VPN from some of its subnets but not others?

It's possible, it's also possible that you got IP blocked temporarily for suspicious behavior but that would entirely depend on how your provider works

[-] TankieTanuki@hexbear.net 3 points 1 year ago* (last edited 1 year ago)

I just opened a ticket. We'll see what they say.

Would it be unusual for a VPN provider to block access to subnets? That's not how things work, right?

Yeah, I agree that it doesn't seem very likely that the VPN is blocking any subnets

[-] drinkinglakewater@hexbear.net 7 points 1 year ago

Is your VPN configured to use the domain name of your VPS or the IP?

[-] TankieTanuki@hexbear.net 6 points 1 year ago

I type the domain name into the browser and it uses protonVPN's nameservers to get the IP afaik.

[-] drinkinglakewater@hexbear.net 4 points 1 year ago

Ah okay so your VPS isn't the VPN gateway, you're using protonVPN's. If you do a dig or nslookup against their DNS servers you cam confirm if their records are updated. If they are then I would guess like others in the thread suggested it's something on Proton's side

[-] JoeByeThen@hexbear.net 6 points 1 year ago

I forget how to use it properly off the top of my head, but nslookup should be able to tell you what the dns lookup looks like and where the mismatch is coming from.

this post was submitted on 10 Jun 2024
27 points (100.0% liked)

technology

23857 readers
316 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 5 years ago
MODERATORS