Hi Michael,
On 27/01/2026 17:10, Michael Tremer wrote:
Hello Adolf,
Interesting case. I tried to resolve the domain at my office and that seems to
be working just fine.
They don’t even use DNSSEC, so any problems from that can be ruled out.
Anything more in the logs? It could have been the IP blocklists blocking
communication.
I checked out disabling the IP Blocklists, IPS and Web Proxy and still it was
blocked if I was using recursor mode.
I just came home and the standard dns servers have been running for the last 5
hours (so not recursor mode) and tried accessing the login page and it worked
fine.
I then changed back to the recursor mode, cleared the browser cache and
immediately the login page failed to load. The message I get is
Unable to connect
Firefox can’t establish a connection to the server at auth.opgroen.nl.
Error code: 503 Service Unavailable
The site could be temporarily unavailable or too busy. Try again in a few
moments.
If you are unable to load any pages, check your computer’s network
connection.
If your computer or network is protected by a firewall or proxy, make sure
that Firefox is permitted to access the web.
I then turned back on the listed dns servers, cleared the browser cache and the
login page worked immediately.
So the issue is consistent.
If you have been testing DBL, that can probably be ruled out because you don’t
resolve anything. The domain is not listed:
https://www.ipfire.org/dbl/search?q=auth.opgroen.nl
For this investigation I had disabled the URL Filter.
I looked in the DS logs for all of January and only found a single entry
09/21:27:54 unbound: [2020:0] error: SERVFAIL <opgroen.nl. A IN>: misc failure
This was combined with a lot of other fails but this was when there was a
problem with my ISP connection and before the time that I was trying to login
to my insurer.
So as far as I can find other than the Unable to resolve A/AAAA record message
I have not found any other message related to opgroen.nl in my logs for the
whole of January which makes it very strange, especially as I can turn the
problem on and off by using recursor mode or using listed dns servers.
Anyway, I have a working system now with listed dns servers so will stay using
that for the future.
Regards,
Adolf.
-Michael
On 27 Jan 2026, at 10:28, Adolf Belka <[email protected]> wrote:
Hi All,
Thought I would communicate about a problem I have been having.
I needed to login to my Insurance web site. I could access all the web pages I
wanted but when trying to login I always got a 503 not available or a timeout.
This was happening for the last three days.
I disabled the web proxy, IPS and the IP Blocklists functions but none of it
made any difference. Also cleared all caches I could find. No difference. All
other web sites and logins worked fine.
This morning looking through various logs I found the following message.
INFO: Unable to resolve A/AAAA record of queried destination 'auth.opgroen.nl',
returning ERR...
I was using the Recursor mode with my IPFire DNS but I still had 5 DNS servers
listed, just not enabled.
I therefore enabled them and immediately I was able to get the login screen to
display.
I then reverted back to the recursor mode and the login stayed worked. Also
after waiting 5 minutes. I then cleared the browser cache and the login page
failed to be found.
I then enabled just one DNS server - recursor01.dns.lightningwirelabs.com - on
the DNS page and the login page worked again.
Also tested clearing the browser cache and the login page still being shown.
Working now for over 15 minutes. That is compared to not working at all once
over the last three days trying numerous times.
So there seems to be something about my insurance providers login page that
doesn't want to work well with the Recursor Mode, although everything else has
worked fine.
So I now have a selected DNS site and thankfully I am able to access the login
page again but thought I would let you know what I found.
Regards,
Adolf.
