Home Network DNS Dropout




Looking for a little help on a home network problem that is giving me fits.

 

Several times a day DNS stops working and it takes a router reboot to bring connectivity back.  At first I was ready to chalk this up to a dying router but it also roughly coincides with when I started using Cisco AnyConnect to VPN into work.  However AnyConnect is just on one PC (and is rarely on or running when this happens).  But the entire network goes down (except the wired Roku seems to stay working).

 

The network is basically 1 PC, 1 laptop, 1 Roku (wired) and 3 cell phones/tablets.  Netgear WNDR3700 router (already tried a factory reset) and a Cox cable modem.

 

The router itself seems to have internet access.  It is able to check for firmware updates (which may or may not rely on DNS).

 

So I've tried a couple of things with no luck.  I tried forcing Google's DNS servers in the router with no results.  However when I manually put in Google's DNS (or the ISP's) into my PC, it can continue to work through an outage... but all other devices cut out.  I have factory reset the router.

 

I did talk with a Cox tech briefly and they mentioned that the modem is responsible for assigning the DNS servers (I admit I don't know much about this part of things).  I'd think then that if the router was set specifically to use Google's DNS that would bypass the modem settings and things should work.  I'd hate to go down the road of manually setting DNS on every device that is ever on the network.

 

The cable modem status page mostly shows good connections.  There are a couple of error messages in the log but none of them correspond with the time the connection drops.

 



DHCP RENEW WARNING - Field invalid in response v4 option;CM-MAC=

DCC-ACK rejected unknown transaction ID

DCC-ACK not received

... a few others


 

I've now also uninstalled the Cisco VPN.  If that was the origin of the problem, uninstalling it did not help.  At this point the only thing left I can do is borrow a router and swap it out temporarily to see if problems persist, but beyond that I'm totally stumped.

 

Any thoughts?

 


Well, something's up with your router. Never been a fan of their little forwarders - you hit them with a bunch of queries and they die. Doing something like p2p normally generates a lot of queries, etc. Having your router use 8.8.8.8 doesn't help when the forwarding part that goes and asks Google for your machine dies.

So run a different dns forwarder on your network, and have your dhcp server point to that. Have your dhcp server hand out googledns vs the router, or manually set dns on all your machines. Get a new router with better dns support - but to be honest they all blow unless you run your own firewall/distro router that allows you to run what you want for your dns forward, be it tiny, unbound, dnsmasq or even bind itself, etc.

The reason your Roku keeps on ticking is hard-coded DNS, I would assume - so it's not using your router's DNS. Other thing you could try is just rebooting the thing, say, every night to keep DNS running. Or, as Red suggested, maybe turn off some of its features that might be killing it, like DNS inspection.

Simple test: when you have an issue, drop to the command line and do an nslookup. It will show you what you're using for DNS.

example

    C:\>nslookup
    Default Server: pfsense.local.lan
    Address: 192.168.1.253

Try to lookup something

    C:\>nslookup
    Default Server: pfsense.local.lan
    Address: 192.168.1.253

    > www.neowin.net
    Server: pfsense.local.lan
    Address: 192.168.1.253

    Non-authoritative answer:
    Name: neowin.net
    Addresses: 54.86.19.37
               54.172.165.25
               54.173.39.38
    Aliases: www.neowin.net

Do you get an answer? If so then DNS is working, and you've got another issue - but from what you have been saying I take it this is going to fail. Then change over to another DNS, simple server command.

    > server 8.8.8.8
    Default Server: google-public-dns-a.google.com
    Address: 8.8.8.8

Then try again - does that work? If so then your router DNS forwarder is not working. You pretty much validated it already when you say you changed your client to Google and it continued to work when others had problems.

But let's be sure - an ipconfig /all will tell you who your DNS is on your client.

    C:\>ipconfig /all

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : i5-w7
       Primary Dns Suffix . . . . . . . : local.lan
       Node Type . . . . . . . . . . . . : Broadcast
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : local.lan

    Ethernet adapter Local:

       Connection-specific DNS Suffix . : local.lan
       Description . . . . . . . . . . . : Broadcom NetLink Gigabit Ethernet
       Physical Address. . . . . . . . . : 18-03-73-B1-0D-D3
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Sunday, December 14, 2014 5:53:15 PM
       Lease Expires . . . . . . . . . . : Wednesday, December 17, 2014 6:46:32 AM
       Default Gateway . . . . . . . . . : 192.168.1.253
       DHCP Server . . . . . . . . . . . : 192.168.1.253
       DNS Servers . . . . . . . . . . . : 192.168.1.253
       NetBIOS over Tcpip. . . . . . . . : Disabled

If you want to run your own, and don't have a Linux box - unbound and bind both run on Windows without much issue.
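
Added example (not part of the thread and not any poster's code): the router-versus-8.8.8.8 comparison from the nslookup test above, scripted so it can be run during an outage over both UDP and TCP without going through the OS resolver. The router address 192.168.1.1 and all function names are assumptions; pass your router's LAN address as the first argument.

```python
import socket, struct, sys, time

def build_query(name, qid):
    """Encode a minimal recursive DNS query for the A record of `name`."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.strip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(data, qid):
    """Return (rcode, answer_count); ValueError if it is not a reply to our query."""
    if len(data) < 12:
        raise ValueError("short reply")
    rid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != qid or not flags & 0x8000:
        raise ValueError("ID mismatch or QR bit clear")
    return flags & 0x000F, answers

def probe(server, name, tcp=False, timeout=3.0, qid=0x4E57):
    """Query `server` directly, bypassing the OS resolver; return 'ok' or a failure string."""
    query = build_query(name, qid)
    try:
        if tcp:  # DNS over TCP prefixes each message with a 2-byte length
            with socket.create_connection((server, 53), timeout=timeout) as s:
                s.sendall(struct.pack("!H", len(query)) + query)
                f = s.makefile("rb")
                data = f.read(struct.unpack("!H", f.read(2))[0])
        else:
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, 53))
                data = s.recvfrom(4096)[0]
        rcode, answers = parse_reply(data, qid)
        return "ok" if rcode == 0 and answers else f"FAIL rcode={rcode} answers={answers}"
    except (OSError, ValueError, struct.error) as exc:
        return f"FAIL {exc}"

def verdict(router, upstream):
    """Map the two probe results onto the cases discussed in the thread."""
    if router == "ok":
        return "router forwarder answering" if upstream == "ok" else "router answering, upstream resolver unreachable"
    return "router forwarder down, uplink fine" if upstream == "ok" else "no DNS path at all (uplink or port 53)"

if __name__ == "__main__":
    router = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"  # assumed LAN address of the router
    for proto, tcp in (("udp", False), ("tcp", True)):
        r, u = probe(router, "www.neowin.net", tcp), probe("8.8.8.8", "www.neowin.net", tcp)
        print(time.strftime("%H:%M:%S"), proto, "router:", r, "| 8.8.8.8:", u, "=>", verdict(r, u))
```

Run it from a scheduled task every minute and keep the output; the timestamps show when the forwarder stopped answering and whether UDP and TCP fail together.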


Thanks for all the replies.  It's helped me track down more info and confirm it is a router problem.  I've spent two weeks narrowing down what is going on and with a little additional research (and now knowing what I was looking for) I came across the likely answer.

 
There was a beta firmware Netgear never published from several years ago that apparently addresses this exact issue.  The router still shows as running the newest firmware since it was never formally released but you can get the file from their website.  On a side note, it's a bit frustrating that v1 of the WNDR3700 got support cut off while v2-4 had years of additional releases (including this fix).
 
There was a reference that "DNS can be called in two ways, one of which could cause the router to hang" (TCP/UDP?).  My speculation is that using Cisco AnyConnect exposed this problem which was probably there all along.  Reading reviews, the beta firmware apparently has other problems that are not insignificant.  In fact, a pulled first beta is allegedly better than the one currently available.
 
So my solution is to do something I've been meaning to try for ages: DD-WRT.  Flashed today and we'll see how it holds up.  So far it's looking quite good.

Just confirming... three days on DD-WRT and the problem has not reoccurred.  It does look like Cisco AnyConnect was causing the router to hang because of how it requested DNS.  Thanks again for all the help.


And how would it be doing anything on in a query? Maybe it was doing a lot of them? SOHO router DNS is quite often fragile, like a little girl with her Sunday best on. Have more than a couple of clients ask it for new stuff and it crashes.

While DD-WRT is better, don't be surprised if it crashes now and then too if you're pounding it with DNS, because of something odd.
