TXT DNS lookup only works with cloudflare (1.1.1.1), while the other like 8.8.8.8 doesn't work

Hello, For some reason, only cloudflare could dig up the TXT record, resulting in DNS Challenge failing, it used to work, a few months ago.
$ dig +short TXT 22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.example.com @8.8.8.8
$ dig +short TXT 22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.example.com @1.1.1.1
"UpGkwV-P3D_lQ_67-UyYvftIKkbeWVS8n66ufYn1EWg"
"70TIIi3Fnhbt1tewuce3m60GqWbpoX5ifX8jQ_VzxSY"
$ dig +short TXT 22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.example.com @8.8.8.8
$ dig +short TXT 22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.example.com @1.1.1.1
"UpGkwV-P3D_lQ_67-UyYvftIKkbeWVS8n66ufYn1EWg"
"70TIIi3Fnhbt1tewuce3m60GqWbpoX5ifX8jQ_VzxSY"
Related records:
NS
auth
ns1.auth.example.com
NS
auth
ns1.auth.example.com
A
ns1.auth
xxx.xxx.xxx.xxx
A
ns1.auth
xxx.xxx.xxx.xxx
- NS gwen.ns.cloudflare.com - NS zod.ns.cloudflare.com Please help. What shoul I do?
17 Replies
Patiphan
PatiphanOP10mo ago
dig +short TXT 22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.oxygenci.com @8.8.8.8
dig +short TXT 22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.oxygenci.com @8.8.8.8
dig +short TXT 22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.oxygenci.com @1.1.1.1
dig +short TXT 22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.oxygenci.com @1.1.1.1
1.1.1.1
1.1.1.110mo ago
DNS over Discord: TXT records
22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.oxygenci.com TXT @1.1.1.1 +noall +answer An unexpected server failure [2 - ServFail] occurred when looking up the domain
diggy diggy hole
Patiphan
PatiphanOP10mo ago
No description
Patiphan
PatiphanOP10mo ago
I found it to be working on my phone and on the pc With cellular network May be my problem is country based? Yes, other wise, how could it work on cellular network What if you doesn't use short, could you let me know which part of the DNS fail?
Patiphan
PatiphanOP10mo ago
Strangely, I found it to be working only half of the time
No description
Patiphan
PatiphanOP10mo ago
And based on the log on the DNS server, only the successful answer was answer from my DNS server. So, somehow, 1.1.1.1 only asked for the TXT record on my server sometime.
Patiphan
PatiphanOP10mo ago
But the record does exist? Did I configure it wrong
No description
No description
Patiphan
PatiphanOP10mo ago
So, maybe, cloudflare 1.1.1.1 only able to reach my server sometime?
$ dig auth.oxygenci.com NS

; <<>> DiG 9.18.24 <<>> auth.oxygenci.com NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7215
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;auth.oxygenci.com. IN NS

;; ANSWER SECTION:
auth.oxygenci.com. 3600 IN NS ns1.auth.oxygenci.com.

;; Query time: 4 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Mar 18 17:18:39 +07 2024
;; MSG SIZE rcvd: 64
$ dig auth.oxygenci.com NS

; <<>> DiG 9.18.24 <<>> auth.oxygenci.com NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7215
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;auth.oxygenci.com. IN NS

;; ANSWER SECTION:
auth.oxygenci.com. 3600 IN NS ns1.auth.oxygenci.com.

;; Query time: 4 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Mar 18 17:18:39 +07 2024
;; MSG SIZE rcvd: 64
$ dig auth.oxygenci.com NS @1.1.1.1

; <<>> DiG 9.18.24 <<>> auth.oxygenci.com NS @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 61979
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 22 (No Reachable Authority): (at delegation auth.oxygenci.com.)
;; QUESTION SECTION:
;auth.oxygenci.com. IN NS

;; Query time: 2255 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Mon Mar 18 17:18:46 +07 2024
;; MSG SIZE rcvd: 84
$ dig auth.oxygenci.com NS @1.1.1.1

; <<>> DiG 9.18.24 <<>> auth.oxygenci.com NS @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 61979
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 22 (No Reachable Authority): (at delegation auth.oxygenci.com.)
;; QUESTION SECTION:
;auth.oxygenci.com. IN NS

;; Query time: 2255 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Mon Mar 18 17:18:46 +07 2024
;; MSG SIZE rcvd: 84
1.1.1.1
1.1.1.110mo ago
DNS over Discord: TXT records
22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.oxygenci.com TXT @1.1.1.1 +noall +answer An unexpected server failure [2 - ServFail] occurred when looking up the domain
diggy diggy hole
Patiphan
PatiphanOP10mo ago
Thanks for the reply, Based on the record provided in the original message, - NS auth ns1.auth.domain.com - A ns1.auth xxx.xxx.xxx.xxx for 22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.domain.com auth.domain.com is first check, and found that ns1.auth.domain.com is controlling it, so it check ns1.auth.domain.com which pointed to my DNS server from A record which should work? Is my understanding correct? Or do you suggest I don't use ns1.auth.domain.com, this originally work previously. I see what you mean, so it should be ns1.domain.com, is that correct? I changed it. Now, discord bot 1.1.1.1 can resolve, but google can't. I'll wait 1 hour in case of dns propagation delay.
Patiphan
PatiphanOP10mo ago
for 1.1.1.1 It still only work sometime For some reason, dig only reach my server sometime, the only time it works is when it reach my server here is my current record, please help.
No description
1.1.1.1
1.1.1.110mo ago
DNS over Discord: TXT records
22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.oxygenci.com TXT @1.1.1.1 +noall +answer An unexpected server failure [2 - ServFail] occurred when looking up the domain
diggy diggy hole
Patiphan
PatiphanOP10mo ago
I don't understand why is it working for some internet like mine but not for the bot Is it because of ipv6?
No description
1.1.1.1
1.1.1.110mo ago
DNS over Discord: TXT records
22d62b56-4c18-4113-8f3b-6a4de90237cc.auth.oxygenci.com TXT @1.1.1.1 +noall +answer +cdflag
NAME | TTL | DATA
------------------------------------+-----+-------------
22d62b56-4c18-4113-8f3b-6a4de90237c | 1s | "IZ9IhJ2-a38
c.auth.oxygenci.com | | Y-dlTH_0ZLcz
| | 9D19bD7GSkL1
| | JQG3LF60"
22d62b56-4c18-4113-8f3b-6a4de90237c | 1s | "a5LdOQ-kWB-
c.auth.oxygenci.com | | mo4HNvwag3tN
| | _OsOM8cPpoWW
| | LfNNiBRg"
NAME | TTL | DATA
------------------------------------+-----+-------------
22d62b56-4c18-4113-8f3b-6a4de90237c | 1s | "IZ9IhJ2-a38
c.auth.oxygenci.com | | Y-dlTH_0ZLcz
| | 9D19bD7GSkL1
| | JQG3LF60"
22d62b56-4c18-4113-8f3b-6a4de90237c | 1s | "a5LdOQ-kWB-
c.auth.oxygenci.com | | mo4HNvwag3tN
| | _OsOM8cPpoWW
| | LfNNiBRg"
:warning: cd bit set, DNSSEC validation disabled
diggy diggy hole
1.1.1.1
1.1.1.110mo ago
DNS over Discord: NS records
auth.oxygenci.com NS @1.1.1.1 +noall +answer
NAME | TTL | DATA
------------------+--------+-----------------------
auth.oxygenci.com | 3,600s | ns1-auth.oxygenci.com.
NAME | TTL | DATA
------------------+--------+-----------------------
auth.oxygenci.com | 3,600s | ns1-auth.oxygenci.com.
diggy diggy hole
Patiphan
PatiphanOP10mo ago
Based on this, Would I just have to wait 48 hours?
No description
Patiphan
PatiphanOP10mo ago
As an update, my ISP said that they just block my 53 port on international traffic... So, case closed, I guess?
Want results from more Discord servers?
Add your server