DNS resolution issues

Started by mortomanos, March 28, 2021, 12:56:14 PM

I have a standard configuration with LTE as WAN interface, and DHCP on LAN. Unbound is configured as DNS on the firewall.

Most clients have a very strange behaviour. From time to time (multiple times each hour) DNS resolution stops working, e.g. when trying to browse a website or use the YouTube app on mobile phones. It helps (on WLAN devices) to enter airplane mode for a few seconds and re-enter WLAN - then the DNS resolution works again.

When I configured "Enable forwarding mode" (DNS query forwarding), this issue was gone, but the local DHCP clients were then no longer resolvable.

What I discovered today is that on a Mac connected via LAN, the following happens:

imac5k:~ xxx$ ping www.google.at
ping: cannot resolve www.google.at: Unknown host
imac5k:~ xxx$ nslookup www.google.at
Server: 10.1.1.254
Address: 10.1.1.254#53

Non-authoritative answer:
Name: www.google.at
Address: 142.250.185.131

imac5k:~ xxx$ ping www.google.at
ping: cannot resolve www.google.at: Unknown host
imac5k:~ xxx$ nslookup www.google.at 10.1.1.254
Server: 10.1.1.254
Address: 10.1.1.254#53

Non-authoritative answer:
Name: www.google.at
Address: 142.250.185.131

imac5k:~ xxx$ ping www.google.at
ping: cannot resolve www.google.at: Unknown host
imac5k:~ xxx$ host www.google.at
www.google.at has address 142.250.185.131
www.google.at has IPv6 address 2a00:1450:4001:812::2003
imac5k:~ xxx$ ping www.google.at
ping: cannot resolve www.google.at: Unknown host


So "ping" does not resolve, "nslookup" and "host" do. After trying to open www.google.at in another Safari tab the resolution suddenly started working.

Is anyone able to help me in resolving this issue?

Are you sure your LTE connection isn't bugging out? I mean, it's LTE; it might be that your route to the DNS servers is temporarily not working.
Or maybe try different DNS servers as a test?

LTE is stable (in fact it is UMTS HSDPA), I have a permanent ping running which doesn't drop anything. The same connection worked well using an LTE bridge over a ZyXEL firewall, with no DNS issues. So it must be something in the config. I also tried several DNS servers: the ones from the LTE provider, Google DNS and others.