
We are a group of volunteers for a non-profit WISP in the Yorkshire Dales. We have intermittent but serious spasms of various clients' DNS requests being blocked. Note we have only one Internet IP; the 50+ clients are all on fixed IPs served by various APs. To effect a cure, usually only temporarily, we allocate the offending device a different IP address. This may work for two hours or two months before the problem reappears. What I/we need to do is track down where the DNS request is being blocked. Using Tracert with Wireshark doesn't seem to work, i.e. the request path doesn't appear.

The single IP is supported by a Vigor VDSL router which then distributes Internet via Ubiquiti APs at 5 GHz. Note that the DNS problem is not limited to Ubiquiti; it has also affected domestic routers on fixed addresses (same subnet).

Can you help?

P.Holmes
  • Do you have a caching recursive dns server to minimize the request load? You can use `dig +trace dns.name` to test what is no longer answering you. dns.name being a domain you normally try to reach. – Aaron Aug 02 '16 at 15:46
  • Have you also tried using a different DNS server such as Google's `8.8.8.8`? – Julie Pelletier Aug 02 '16 at 15:55
  • Please elaborate on the DNS infrastructure itself. Do you operate your own recursive servers (as Aaron was asking), or hand out IPs for services that you do not own? – Andrew B Aug 02 '16 at 16:27
  • Thanks guys (& girls). Some of this is beyond me but I'm learning :) – P.Holmes Aug 03 '16 at 08:49
  • Thanks @Aaron, Julie and Andrew. Some of this is beyond me but I'm learning :) We've tried various DNS servers, both Google primary & secondary, also Plusnet (ISP) servers. Note also that of the 50+ clients only 15 have been affected, and only eight of these have had the problem repeat. I said two hours to two months; what I should have explained is that the problem first occurred three months ago, some of which took a day or so to resolve because the changed IP also failed after a short time. Then no problem for three months until last weekend, when eight were again affected. – P.Holmes Aug 03 '16 at 09:14
  • @Aaron We mostly have only Windows machines though I do also run LINUX. A thought that hadn't occurred to me. No, we don't run our own recursive server. What I would still like to know is whether any of the network admin tools can trace the 'break' - advice appreciated. – P.Holmes Aug 03 '16 at 09:19
  • Hi @P.Holmes the tool you would want is `dig`. I provided one example in my first comment, but you would probably want to read up on the different ways to debug using `dig`. You can even write a script to cycle through your defined resolvers in `/etc/resolv.conf` using `dig @resolver_ip name` to see if one of your resolvers is acting up. – Aaron Aug 03 '16 at 17:32
  • Thanks again @Aaron. I found dig for Windows, thanks. I was assuming (incorrectly) it is a LINUX-only program. But since no one else in our wireless network uses LINUX and I need to be on the failed client's computer, a Windows version is essential. Now I have to wait for the next batch of DNS request failures. Days, weeks, months? Will try and get back here and report when it does happen. – P.Holmes Aug 04 '16 at 07:32
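
The per-resolver check Aaron describes in the comments, as an added example that is not part of the original thread: it sends one A query over UDP to each resolver and separates no reply at all (`TIMEOUT`) from a reply that carries an error code. Python is used so the same script runs on the Windows clients; the resolver list, the test name `example.com` and the `192.0.2.1` placeholder for the router's LAN address are assumptions.

```python
import random
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid):
    """Build a minimal DNS A-record query (RFC 1035) with recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.strip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(reply, txid):
    """Turn a raw reply into a short status string."""
    if len(reply) < 12:
        return "MALFORMED"
    rid, flags, _qdcount, ancount = struct.unpack("!HHHH", reply[:8])
    if rid != txid or not flags & 0x8000:
        return "MISMATCH"  # wrong transaction ID, or not a response at all
    rcode = flags & 0x000F
    return "%s answers=%d" % (RCODES.get(rcode, "RCODE%d" % rcode), ancount)

def probe(resolver, name, port=53, timeout=3.0):
    """Send one UDP query; TIMEOUT means nothing came back on the path."""
    txid = random.randint(0, 0xFFFF)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (resolver, port))
            reply, _ = s.recvfrom(4096)
        except socket.timeout:
            return "TIMEOUT"
        except OSError as exc:  # e.g. ICMP port unreachable, no route
            return "ERROR %s" % exc
    return classify(reply, txid)

if __name__ == "__main__":
    # Assumed list: Google public DNS (tried in the thread) plus a placeholder
    # for the router's LAN address, which the page does not give.
    for resolver in ["8.8.8.8", "8.8.4.4", "192.0.2.1"]:
        print(resolver, probe(resolver, "example.com"))
```

Run from an affected client and from an unaffected one at the same moment: `TIMEOUT` for every resolver on only the affected client means the query or its reply is being dropped somewhere on the path, whereas `SERVFAIL` or `REFUSED` means the resolver was reached and answered with an error.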
