Buy or Renew
Buy or Renew
NOTICE: OpenDNS Service Currently Not Available To Users In Belgium. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
868
Views
2
Helpful
18
Replies

Why HTTP IP address mismatch, and how to fix?

cpicot
Level 1
Level 1

‎10-01-2015 06:19 AM

My OpenDNS updater gives this error," Your OpenDNS settings might not work due to DNS IP address (92.242.140.2) and HTTP IP address (68.231.248.176) mismatch. Learn more at http://www.opendns.com/software/mac/dynip/ip-differs/". I looked into i, but could not figure out what is going on. Anyone know why there is a IP Address mismatch? Thanks.

Labels:
18 Replies 18

robmgregg
Level 1
Level 1

‎10-01-2015 07:27 AM

Hi,

Thanks for getting in touch, sorry to hear you're struggling with the IP updater. This issue is usually caused by the way your ISP handles DNS traffic, I would recommend getting in touch with them and asking whether you are behind a transparent proxy. 

If you are still experiencing problems after discussing this with your ISP I would recommend opening a ticket with us.

0 Helpful

arthurwv
Level 1
Level 1

‎10-01-2015 11:08 AM

I called them the first with no help.  I called again and was on hold for over an hour. Asked to speak to a supervisor and of course they had no idea what to do.

0 Helpful

rotblitz
Level 6
Level 6

‎10-01-2015 11:42 AM

So see if your DNS traffic IP address is indeed different from your web traffic IP address:

   Your DNS IP address:  nslookup myip.opendns.com.

   Your web IP address:   http://myip.dnsomatic.com/

It is your DNS IP address which must be registered at https://dashboard.opendns.com/settings/ to make the additional features of OpenDNS work
(blocking by category, blocking or whitelisting individually, stats and logs).

To see why there is a mismatch, you may want to run this test to see if you're behind a proxy:
http://www.lagado.com/proxy-test

See also: https://support.opendns.com/entries/63421664

0 Helpful

arthurwv
Level 1
Level 1

‎10-01-2015 12:01 PM

my web ip: 184.9.191.46   which is the DNS IP address

And the proxy test results :

Proxy Test

This request appears NOT to have come via a proxy.

The request appears to have originated from ip address 184.9.191.46

 

The Lagado Proxy Test shows details of any proxy servers you are using. It is especially useful to expose transparent proxies. These are proxies inserted between your browser and the web, typically by your ISP, and often without you knowing.

Sometimes a proxy will be deliberately hidden so it won't be exposed by this test. In this case you can use the Cache Test to expose stealthed transparent proxy caches.

 

The Raw Details

Here are the raw details of the request received by this server.

Remote   IP Address 184.9.191.46

Request   Protocol HTTP/1.1   Method GET

Request Headers

Host www.lagado.com
Connection keep-alive
Accept text/html,​application/xhtml+xml,​application/xml;q=0.9,​image/webp,​*/*;q=0.8
Upgrade-Insecure-Requests 1
User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Accept-Encoding gzip, deflate, sdch
Accept-Language en-US,en;q=0.8

 

 

 

0 Helpful

rotblitz
Level 6
Level 6

‎10-01-2015 12:13 PM

Apparently not behind a proxy, but there are other ISP tweaks like NAT, DNS redirection and staff which cannot easily be investigated.

"my web ip: 184.9.191.46   which is the DNS IP address"

Does this mean both are identical?  Then there is no IP address mismatch at all, and the Updater's warning was a false positive for whatever reason.  Something else must confuse the Updater.

0 Helpful

arthurwv
Level 1
Level 1

‎10-01-2015 12:20 PM

They are identical.     Where you typed "Your DNS IP address:  nslookup myip.opendns.com.", is there anything I need to do with that?  I don't know if this will help, but I am attaching what Updater is showing.

 




Image1.jpg
0 Helpful

rotblitz
Level 6
Level 6

‎10-01-2015 12:25 PM

"Where you typed "Your DNS IP address:  nslookup myip.opendns.com.", is there anything I need to do with that?"

Yes, you open a command prompt window and enter the command to see what your DNS IP address is.

"They are identical."  -  How can you know if you didn't execute that nslookup command?

"I don't know if this will help, but I am attaching what Updater is showing."

Yes, this is the reason why you're posting here.  I know.

0 Helpful

arthurwv
Level 1
Level 1

‎10-01-2015 12:40 PM

Oh sorry.  Didn't realize it was a command prompt.  I meant my IP and the one registered at opendns.  




Image2.jpg
0 Helpful

rotblitz
Level 6
Level 6

‎10-02-2015 01:05 AM

You should not have queried myip.opendns.com.netgear.com, but only myip.opendns.com.  You ignored the trailing dot as part of the command.
And weird that this returns two different public IP addresses.  Something seems to hi-jack your NXDOMAIN results.  And this is Search Guide Inc located in Boulder/USA.  See that you can get rid of this!

And you would not have needed to post a screen shot.  A copy & paste of the raw text would have been sufficient.

As you missed to enter the trailing dot to indicate an FQDN, try again:

   nslookup myip.opendns.com.

And check also your web IP address again: http://myip.dnsomatic.com/ - it might have changed in between.

0 Helpful

arthurwv
Level 1
Level 1

‎10-02-2015 04:38 PM

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\dr andy>myip.opendns.com.
'myip.opendns.com.' is not recognized as an internal or external command,
operable program or batch file.

C:\Users\dr andy>nslookup myip.opendns.com.
Server: dslrouter.netgear.com
Address: 192.168.254.254

Non-authoritative answer:
Name: myip.opendns.com
Addresses: 198.105.244.114
198.105.254.114


C:\Users\dr andy>

 

Andy the web IP address is still the same.

0 Helpful

rotblitz
Level 6
Level 6

‎10-03-2015 05:41 AM

This DNS lookup has been hi-jacked by Search Guide again, so I think you don't use OpenDNS at all.  Now post the output of these comands (trailing dots are part of it!):

   nslookup -type=txt which.opendns.com.

   nslookup -type=txt which.opendns.com. 208.67.220.220

0 Helpful

rolltide1017
Level 1
Level 1

‎03-17-2016 02:21 PM

What does "hi-jacked by Search Guide" mean?  I'm getting those same 198 address when using nslookup and I'm also getting the mismatch error.  I had to exchange my router and modem with Charter today and the new equipment is not working with OpenDNS.  It was fine yesterday with my old modem and Netgear router but, we were having to reboot both of them so often that I just decided to exchange them.  The new router from Charter is not a Netgear but a Sagemcom Fast 5260.

0 Helpful

cobalt-phoenix
Level 1
Level 1

‎03-17-2016 03:38 PM

Well, your question has been answered by Rob Gregg from OpenDNS above already.  If you have configured your new router with the OpenDNS resolver addresses, and it does not work, e.g. http://welcome.opendns.com/ indicates you're not using OpenDNS, ask your ISP to find out what you have to do to use a 3rd party DNS service.

You can also copy & paste the complete plain text output of the diagnostic commands above, plus the IP address returned from http://myip.dnsomatic.com/ so that we see more.

0 Helpful

rolltide1017
Level 1
Level 1

‎03-18-2016 07:30 AM

Just wondering if the "hi-jacked by search guide" meant I have malware.

 

My web IP from http://myip.dnsomatic.com/ is: 71.82.1.108

 

Here is the results from http://www.lagado.com/proxy-test:

This request appears NOT to have come via a proxy.

The request appears to have originated from host 71-82-1-108.dhcp.leds.al.charter.com which has ip address 71.82.1.108

 

The Lagado Proxy Test shows details of any proxy servers you are using. It is especially useful to expose transparent proxies. These are proxies inserted between your browser and the web, typically by your ISP, and often without you knowing.

Sometimes a proxy will be deliberately hidden so it won't be exposed by this test. In this case you can use the Cache Test to expose stealthed transparent proxy caches.

 

The Raw Details

Here are the raw details of the request received by this server.

Remote   Host 71-82-1-108.dhcp.leds.al.charter.com   IP Address 71.82.1.108

Request   Protocol HTTP/1.1   Method GET

Request Headers

Host www.lagado.com
Connection keep-alive
Accept text/html,​application/xhtml+xml,​application/xml;q=0.9,​image/webp,​*/*;q=0.8
Upgrade-Insecure-Requests 1
User-Agent Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36
Accept-Encoding gzip, deflate, sdch
Accept-Language en-US,en;q=0.8,gl;q=0.6

This Server   Host www.lagado.com   IP Address 27.131.76.84

Date: Saturday 19 Mar 2016 1:21:08 GMT+1100

 

Here is my nslookup myip.opendns.com results:

Server: HG6Box
Address: 10.6.18.4

Non-authoritative answer:
Name: myip.opendns.com
Addresses: 198.105.244.24
198.105.254.24

 

Here is my nslookup -type=test which.opendns.com.:

Server: HG6Box
Address: 10.6.18.4

Non-authoritative answer:
which.opendns.com text =

"I am not an OpenDNS resolver."

 

Here is my nslookup -type=txt which.opendns.com. 208.67.220.220 results:

Server: resolver2.opendns.com
Address: 208.67.220.220

Non-authoritative answer:
which.opendns.com text =

"9.ash"

0 Helpful
Customers Also Viewed These Support Documents