|
[Other] DNS errors from The ShiningAll work and no play makes Jack a dull boy. All work and no play makes Jack a dull boy. All work and no play makes Jack a dull boy. ...
Hello, folks!
A maddening DSL/networking problem here. I write you from sunny Italy where tech support is as unreliable and laughable as in the US. We recently moved into an "office suite", which in this part of the world means a residential lease and residential ADSL through Infostrada. The modem/router is a D-LINK DSL-2640B. The problem predates our arrival.
The substance of the problem is intermittent and unpredictable DNS errors across the network -- both ethernet-connected and Wifi. It affects both a new iPad and a Win7 laptop. The Wifi seems to crap out more often than the LAN, but the LAN can crater for hours at a time. One device can be affected and another can be working. Just minutes ago, the iPad was able to connect to a webpage and surf while the Win7 laptop via Wifi was unable to surf.
I've gone through the usual DNS error troubleshooting steps. A few weeks back I started with trying to PING while the problem occurred. Here's a cut and paste:
Pinging 4.2.2.1 with 32 bytes of data: Request timed out. Reply from 4.2.2.1: bytes=32 time=52ms TTL=51 Reply from 192.168.1.1: Destination net unreachable. Reply from 4.2.2.1: bytes=32 time=52ms TTL=51
(I believe that was while on the LAN, by the way.)
I adjusted all the usual settings in the router according to different websites. I used a manually entered DNS primary and alternate. I upgraded the firmware to 4.0 from a 1.x early version. Still no improvement.
Finally, one of the people here brought an identical modem/router from home that had been used under previous Infostrada service. The problem still exists.
After many useless calls to tech support (e.g. turn on and off the modem, please....there's no sign of trouble here so you must be hallucinating, etc...) I disconnected the phone from the jack to cut it out of the loop thinking static or interference -- I also even unplugged all ethernet connections wondering if some network conflict might be causing it....Same error.
I have made no progress in fixing this. The internet is strangely unhelpful.
Any ideas about what may be going on here would be welcomed! I'm at a loss even beginning to theorize what may be going on and how to fix it. |
|
BinkVillains... knock off all that evil join:2006-05-14 Colorado |
Bink
Member
2012-Dec-14 10:18 am
Do pings only fail when pinging 4.2.2.1? What happens if you ping a well-known site that responds to pings like www.google.com? Do you have issues pinging another host on the LAN? In addition, I dont know if 4.2.2.1 uses anycast so, if you are in Italy, you might get better performance using Infostradas DNS servers. |
|
|
to heinrich66
i am with bink.
can you give us the output of the following ping replies (let them run for 20 seconds ctrl + c will stop the pings):
ping google.com -t
ping 8.8.8.8 -t
ping 208.67.222.222 -t
thanks. |
|
|
to heinrich66
I'm sure to catch more heat for this, but... » Re: WiFi problem with Galaxy SIII |
|
|
to tomdlgns
Thanks for your replies.
I unplugged the ethernet cable (which today has been working), switched on the Wi-Fi and connected. Win7 showed connected but with 'Limited access'.
Following the instructions above, I had Sent 10/Received 0 for 8.8.8.8.
For 208.67.222.222 with 12 sent, 10 were lost. But two came back with this:
Reply from 192.68.1.2: Destination host unreachable.
Also, as of right now, the router is still set up to use default Infostrada DNS servers. We had previously specified 8.8.8.8 and 8.8.4.4 at one point with no luck. |
|
|
since you are in Italy, it maybe that the ISP which usually happens in EU countries, they tend to block dns queries to outside dns servers. They provide their own and you should stick with those. I have had the same problem in many european countries trying to use OpenDNS/g00gle dns servers all with no luck.
When you do a request, there's a dns proxy that forwards all the requests to all outside dns queries to the internal dns server. many times that server is overloaded and not working properly.
Anyways, I recommend using the ISP's dns. |
|
Wily_One Premium Member join:2002-11-24 San Jose, CA |
to heinrich66
Why is everyone trying to use ping to troubleshoot DNS? ICMP can be blocked anywhere along the route.
To test if a DNS server is reachable:
telnet <ip-of-nameserver> 53
If you can make a connection, it tells you two things: 1) the name server is reachable on port 53, and 2) the name server is up and DNS is running.
If you cannot make a connection, could be any number of things, including a firewall somewhere is blocking port 53 or your ISP has no route, etc.
P.S. you can try any of the following for free, open recursive name servers:
AT&T: 4.2.2.1 & 4.2.2.2 Google: 8.8.4.4 & 8.8.8.8 Neustar DNS Advantage: 156.154.70.1 & 156.154.71.1 OpenDNS: 208.67.220.220 & 208.67.222.222 Symantec Norton DNS: 198.153.192.1 & 198.153.194.1 |
|
BinkVillains... knock off all that evil join:2006-05-14 Colorado |
Bink
Member
2012-Dec-14 3:52 pm
said by Wily_One:ICMP can be blocked anywhere along the route. Yes. Our world has become sadder. The PING of Death scare has convinced fools to disable ICMP (and break PMTUD in the process). Extra credit for those who allow UDP traceroute though the firewall
|
|
|
to Wily_One
Thanks for the replies.
I'll try the telnet suggestion and report back. I should mention again though in case it wasn't clear: the router is currently set up to use the ISP's default DNS. Problem stays the same.
As for pinging outside DNS servers, I am pretty sure that when the connection is 'up', I can ping any of the above (e.g. 4.2.2.1, 8.8.8.8) with no problem.
The main thing is that the problem is intermittent, though much worse on Wifi. On the LAN it may work for hours or give the DNS error when attempting to surf for hours. Wifi is like flipping a coin. You might be able to surf three or four pages until it goes out. On the iPad you have to manually reconnect to the network. On the Win7 laptop (when using Wifi) it doesn't seem to want to connect or work at all. |
|
|
you could try to telnet but it will again hit the proxy server and you would not know it... |
|
Wily_One Premium Member join:2002-11-24 San Jose, CA 1 edit |
Wily_One
Premium Member
2012-Dec-14 4:42 pm
The telnet port test is a better way to check DNS than ping.
The purpose of running the port test is to see if you can connect or not. If not, then the target server is unusable. What the cause is is out of his control.
heinrich, it sounds like your ISP is flakey in general. Other than switching ISPs, quite likely nothing you can do about it from your end but complain to them. |
|
|
|
to heinrich66
Can you also do a traceroute to the targets you're pinging? said by heinrich66:Reply from 192.68.1.2: Destination host unreachable. Of particular interest to me is the line above. Is that an IP address on YOUR network heinrich66, or something from the ISP's network? If you know the ISP's default gateway's IP address, what do extended pings show? Does the DSL-2640B show any indications of issues at the physical layer? ie. loss of sync, etc.? Regards |
|
cdruGo Colts MVM join:2003-05-14 Fort Wayne, IN |
to Wily_One
said by Wily_One:Why is everyone trying to use ping to troubleshoot DNS? ICMP can be blocked anywhere along the route. If only there was a TCP-based ping. |
|
|
not sure if tcping can be any better at any port other than http... |
|
cdruGo Colts MVM join:2003-05-14 Fort Wayne, IN |
cdru
MVM
2012-Dec-18 11:25 pm
said by Da Geek Kid:not sure if tcping can be any better at any port other than http... TCP based ping will tell you the response time over most any port. It also isn't normally blocked and/or deprioritized like ICMP often is these days. To unsophisticated routers and gateways, it looks like any other TCP-based traffic and tries to pass it along. |
|
|
tcpinging the dns proxy server will give you just that; and quite honest not sure if it's worth downloading the app. |
|
|
to Wily_One
said by Wily_One:To test if a DNS server is reachable:
telnet <ip-of-nameserver> 53
If you can make a connection, it tells you two things: 1) the name server is reachable on port 53, and 2) the name server is up and DNS is running.
If you cannot make a connection, could be any number of things, including a firewall somewhere is blocking port 53 or your ISP has no route, etc.
i have used telnet for mail servers and normally see text on the screen after a successful connection. i just tried telnet 8.8.8.8 53 and the cmd prompt was black/blank with a flashing cursor. i tried 8.8.8.23 assuming it was invalid and it times out. success= flashing cursor fail= connect fail reply in command prompt is that accurate? thanks. |
|
Wily_One Premium Member join:2002-11-24 San Jose, CA
1 recommendation |
Wily_One
Premium Member
2012-Dec-26 2:48 pm
You must be trying telnet from Windows. The Windows telnet client is wonky, hiding any useful connection details that tells you if you've actually connected or not. But yes, a blinking cursor with no error means a successful connection, which means the port is both open and reachable from your client. To compare, from a Unix/Linux telnet client I get: $ telnet 8.8.8.8 53
Trying 8.8.8.8...
Connected to google-public-dns-a.google.com (8.8.8.8).
Escape character is '^]'.
Connection closed by foreign host.
$ telnet 4.2.2.1 53
Trying 4.2.2.1...
Connected to a.resolvers.level3.net (4.2.2.1).
Escape character is '^]'.
^]
telnet> quit
Connection closed.
|
|
|
tomdlgns
Premium Member
2012-Dec-26 3:23 pm
yup, using windows. i like seeing something, but good to know that nothing, in this case, is good.
i tried firing up putty, but all i get is a quick flash and the command box (putty) disappears.
i tried 8.8.8.8, raw, port 53 and clicked open.
thanks for the reply. |
|