rDNS and ISP content filtering | Can someone try to explain what is going on

again 3 days ago i got blocked from three.js website and this morning cant access vercel, microsoft or half google sites and first i pinged microsoft.com it went ok now i iged again and it is pointing way difrent site/address, but same IP

ping www.microsoft.com
PING e13678.dscb.akamaiedge.net (23.219.73.192) 56(84) bytes of data.
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=1 ttl=56 time=46.6 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=2 ttl=56 time=46.9 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=3 ttl=56 time=46.4 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=4 ttl=56 time=46.4 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=5 ttl=56 time=46.6 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=6 ttl=56 time=46.5 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=7 ttl=56 time=46.6 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=8 ttl=56 time=46.4 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=9 ttl=56 time=48.8 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=10 ttl=56 time=46.4 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=11 ttl=56 time=46.7 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=12 ttl=56 time=46.5 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=13 ttl=56 time=46.3 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=14 ttl=56 time=46.5 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=15 ttl=56 time=46.7 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=16 ttl=56 time=46.2 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=17 ttl=56 time=46.4 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=18 ttl=56 time=46.9 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=19 ttl=56 time=47.0 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=20 ttl=56 time=46.8 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=21 ttl=56 time=46.5 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=22 ttl=56 time=46.3 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=23 ttl=56 time=46.5 ms
64 bytes from a23-219-73-192.deploy.static.akamaitechnologies.com (23.219.73.192): icmp_seq=24 ttl=56 time=46.5 ms
^C
--- e13678.dscb.akamaiedge.net ping statistics ---
24 packets transmitted, 24 received, 0% packet loss, time 23033ms
rtt min/avg/max/mdev = 46.243/46.643/48.780/0.486 ms

Microsoft has several different servers that share a hostname with dns for load sharing purposes. It is not strange to get different IPs at different times from a lot of the larger enterprise organizations.

$ ping www.microsoft.com
PING e13678.dscb.akamaiedge.net (23.205.97.201) 56(84) bytes of data.
64 bytes from a23-205-97-201.deploy.static.akamaitechnologies.com (23.205.97.201): icmp_seq=1 ttl=48 time=32.0 ms
64 bytes from a23-205-97-201.deploy.static.akamaitechnologies.com (23.205.97.201): icmp_seq=3 ttl=48 time=30.2 ms
64 bytes from a23-205-97-201.deploy.static.akamaitechnologies.com (23.205.97.201): icmp_seq=4 ttl=48 time=30.1 ms

The same hostname in dns may give one of several IP addresses as shown here.

$ nslookup microsoft.com
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	microsoft.com
Address: 20.76.201.171
Name:	microsoft.com
Address: 20.112.250.133
Name:	microsoft.com
Address: 20.231.239.246
Name:	microsoft.com
Address: 20.236.44.162
Name:	microsoft.com
Address: 20.70.246.20
Name:	microsoft.com
Address: 2603:1030:c02:8::14
Name:	microsoft.com
Address: 2603:1020:201:10::10f
Name:	microsoft.com
Address: 2603:1010:3:3::5b
Name:	microsoft.com
Address: 2603:1030:b:3::152
Name:	microsoft.com
Address: 2603:1030:20e:3::23c



$ nslookup www.microsoft.com
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
www.microsoft.com	canonical name = www.microsoft.com-c-3.edgekey.net.
www.microsoft.com-c-3.edgekey.net	canonical name = www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net.
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net	canonical name = e13678.dscb.akamaiedge.net.
Name:	e13678.dscb.akamaiedge.net
Address: 23.205.97.201
Name:	e13678.dscb.akamaiedge.net
Address: 2600:1407:7400:108c::356e
Name:	e13678.dscb.akamaiedge.net
Address: 2600:1407:7400:1083::356e
Name:	e13678.dscb.akamaiedge.net
Address: 2600:1407:7400:1087::356e

ok thanks that is one issue out, but then i need to figure why the sites/logins are blocked and is my ISP still in middle restricting again and sencoring development and microsoft sites especially

No way we could answer that problem. That is a local to you issue.
Can you use a vpn?

yeah VPN is again only option and even i need to use VPN to access Microsft, vercel, Github, three.js journey etc i have had this similar issues way too many times already and always ISP doing there stupid censorship or wrong configurations and i need to complain 2 weeks and then it all works again usually same time this happends by 1GB speed drops to 50Mbps like now it is just so annoying how ISP can do this and goverment allows and are part of this

Yeah working with VPN is wasting my speeds and makes everything so much harder to manage since I have 2 companies here same ISP difrent connection but same problems and employees I could use VPN in router always but again it will loose the high speed fibre again so I am starting to think I will move prob back to Scandinavia if this goes more problematic

Wireguard really reduces the burden from my experience.

1 Like

I use personal subscription on nordVPN usually when traveling, but need to start looking more options and I see now that even NordVPN local servers on my country has been disappeared there is no VPN servers anymore so there is more stuff going to happen and same is happening to cloudflare local cloudflare servers are disappearing

I’ve used PIA for roughly 10yrs. it offers both OpenVPN and Wireguard if you are looking for options.

Finally some good new on situation i am not anymore bound to rely on that only ISP in area and i can Finally switch ISP provider to same i had on old Home where i never had any issues and same time i can upgrade my speeds to 2.5GB up and down to fully use my 2.5GB 24-port switch just need to wait one more month untill old contract ends and new starts

1 Like

Fun fact as today after 6 months fighting and complaining all the issues and cutting the contract and switched to new ISP provider starting in June 1 current ISP actually called and told they found the “issue cause” and state there Hardware was broken all the time… Hard to believe how good quality of service provider is if they can’t find faster that there hardware has issues and just blaming my setup and servers and saying my IP cameras and 24-port switch is the culprit etc

1 Like

New ISP and still got sites blocked and only way to get access is VPN, but i got some results why those gets blocked and the reason was using cloudflare DNS servers… each time i enabled cloudflare DNS servers modem or laptop sites gets instalntly blocked and even i try to access cloudflare 1111 website it gets blocked due harmfull or malware siteAdd images

1 Like