Strange DDNS behavior (afraid.org) with Wireguard

[ShePearl]

Hi folks.

Recently, I tried to change DDNS provider from asuscomm.com to afraid.org
On my RT-AX86U router, everything seems to be working fine. I exported WireGuard config profile for iPhone and it works fine with the iPhone.
However, on my Windows laptop, I cannot get WireGuard to connect. WireGuard client on laptop just throws an error "The requested name is valid, but no data of the requested type was found".

The same DDNS configured through afraid.org and AX86U but totally different behavior between iPhone and laptop.
Here's a screenshot of log.

And here's Tunnel page.

Out of curiosity, I changed the DDNS provider back to asuscomm.com on RT-AX86U and configured WireGuard and exported config profiles again. And it worked on both iPhone and laptop. So, I assume something is not configured correctly for afraid.org DDNS?

Could somebody shed some light on this?
Thanks.

 

[ZebMcKayhan]

The requested name is valid, but no data of the requested type was found

Sounds like the DNS server has no record of it. Im no expert in DNS but I could imagine different DNS servers handles this differently. (Regarding time-to-live and on-the-fly updates) Apple more and more uses DoH to preprogrammed servers (unless blocked) whilst your windows machine is probably using different servers.

you could try to do a manual lookup from windows in command line:

nslookup yourddnsname

when your connection attempt fails to see what it returns.

I guess you probably already have but check the imported endpoint in Windows so everything appears right.

Is it possible you are at a location that blocks this ddns lookup?

 

[adrenalize]

You say it appears to be working on the router, so does the DDNS show your domain correctly just below your IP near the top of the home page? Does the DDNS config page say "registration successful" half way down and I assume you have let it get a valid let's encrypt certificate? And of course finally as ZebMcKayhan says what is the result of the nslookup of you domain, should be the WAN IP of your router?

I use OpenVPN fine with an afraid.org DDNS.

 

[ShePearl]

@ZebMcKayhan and @adrenalize
Many thanks for your kind advice. And I'm sorry for late reply. I was away from home for a day.
Anyway, I returned and checked again. And silly me. I found out about an hour ago that it was NextDNS (I configured my router to use DoT (DNS-over-TLS) from NextDNS).
NextDNS was blocking subdomains (eg. mooo.com) provided by afraid.org
I added the submain to the allowlist and all is working fine.