New-ish Asus routers [CORRECTION: at least two routers bought in Sweden] seem to enable "Yandex.DNS" by default. This forwards all of your DNS lookups to Yandex, a large Russian search engine. I discovered this on my dad's router when he had troubles accessing his bank from his broadband but not on his phone. (Presumably, the bank geoblocked Russian IPs as a protest to the invasion of Ukraine.)

I get that you need to trust someone with your DNS lookups (your ISP, Google, Cloudflare, etc), but I didn't expect the non-ISP option to be the default...

Check your router!

#security #privacy

Thanks for great comments! I should have said a few things differently...

"New-ish Asus routers seem to..." I should have said "at least two routers bought in Sweden". I didn't consider that there could be regional differences.

[The screenshot] This was not from my dad's router, but from the Yandex.DNS website. I wanted to share a screenshot that showed what the setting looked like and I didn't have one from my dad.

"Presumably, the bank geoblocked Russian IPs" This was a guess from me and a half-baked thought (but see comments from others!).

Let's go over some details!

First, let me recap what I actually saw. My dad couldn't log into his bank on his broadband, but it worked fine when using a mobile phone hotspot. I pinged the bank's domain and I asked him to ping it too. For me it resolved to an IPv4 address and it responded to ping. For him it wouldn't even resolve to an IP.

Ipconfig said the DNS server was 192.168.1.1, so I asked him to log into his router with that IP. When we looked at the WAN settings he pointed out that there was a yellow warning text saying "Clients are using Yandex.DNS regardless of the DNS setting.". This string was in English while the rest of the UI was in Swedish.

After some searching I found out that it was possible to disable Yandex.DNS from the parent controls settings (under "AiProtection"). After my dad disabled it, the bank's website immediately worked again.

Which router did he use and where did he get it from? The router says Asus AC1900 on the front, and Asus RT-AC68U V3, Made in China on the back. (The screenshot was from the Yandex.DNS website, not his router.) He bought the router new from Webhallen, one of the major consumer electronics and computer store chains in Sweden.

Yesterday I also found a forum post where another Swede had the same problem: snbforums.com/threads/asus-4g-

@ben @grrrr_shark @archit3ct @JiSe @mc
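The check described in the post (the same name resolving through one path but not through the router), as an added example that is not part of the original thread: it sends the same A-record query to two resolvers and classifies the difference. The name `bank.example` is a placeholder and `1.1.1.1` as the reference resolver is an assumption; `192.168.1.1` is the router address mentioned in the post.

```python
import secrets, socket, struct

def build_query(name, qid):  # RFC 1035 A-record query, recursion desired
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + b"\x00\x00\x01\x00\x01"

def skip_name(msg, off):  # offset just past a (possibly compressed) name
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:  # compression pointer, 2 bytes
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_response(msg, qid):  # -> (rcode, sorted IPv4 answers)
    rid, flags, qd, an = struct.unpack(">HHHH", msg[:8])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    off, addrs = 12, []
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # QTYPE + QCLASS
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if (rtype, rclass, rdlen) == (1, 1, 4):  # A record, class IN
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, sorted(addrs)

def resolve(name, server, timeout=3.0):  # (None, []) means no usable reply
    qid = secrets.randbits(16)
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(build_query(name, qid), (server, 53))
            return parse_response(s.recvfrom(4096)[0], qid)
    except (OSError, ValueError, struct.error, IndexError):
        return None, []

def compare(router, reference):  # both are (rcode, addrs) for the same name
    if reference[1] and not router[1]:
        return "router-path-fails"   # the symptom described in the post
    if router[1] != reference[1]:
        return "different-answers"   # can be benign (CDN); check by hand
    return "match"

if __name__ == "__main__":
    router = resolve("bank.example", "192.168.1.1")  # placeholder name; router IP from the post
    reference = resolve("bank.example", "1.1.1.1")   # assumed reference resolver
    print(router, reference, compare(router, reference))
```

The router warning quoted in the post says clients use Yandex.DNS regardless of the DNS setting, so a reference lookup made from behind the same router may be affected too; the phone hotspot used in the post is a second vantage point for the reference query.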


@raek Glad you were able to help your dad get rid of it. From that forum post, it sounds like someone looked into the firmware source code and found hard-coded things. Asus has quite versatile off-the-shelf hardware, and the open source community has firmware that runs on those routers; OpenWRT and DD-WRT are at least 2 prominent projects that ring a bell.
