RT-AX58U sudden DNS problem - URGENT

[xmanyes]

Hi,

Distressed dad here trying to stave off angry wife and kids...

Suddenly yesterday, out of the blue, DNS stopped working for all devices...

We have Asus RT-AX58U router for at least 3 years and I have Merlin installed from the beginning. No major issues with it, I don't run much scripts on it:

- Skynet
- scMerlin
- YazDHCP
- AdGuard Home (all DNS resolutions + DNS cache through it)

On the Wan I have DNS set to manual: 9.9.9.9 and 1.1.1.1 and I had in Lan\DNS Director set the same IPs for other members, all devices set to DHCP. IPv6 is disabled.

I did installed Diversion last week, to see if it could do something and it ran until yesterday, I would say, without any problems as nobody was complaining.

What I tried and didn't work:

- reboot modem and router
- checked with ISP/fiber provider in case they have problems on their side (they don't)
- uninstalled Diversion
- uninstalled / reinstalled Skynet & also temporary stop
- reconfigured AdGuard's settings so it won't serve DNS requests through it & without its DNS cache (basically disabling it for what it did before)
- set WAN\DNS Server to be automatically assigned by ISP
- disabled/enabled LAN\DNS Director
- deleted/recreated SWAP file & checked the USB

And here my abilities to fix things stop... Ping would work for DNS server set IPs, but not for domains.

In the System Log I can see frequently entries about dnsmasqm (like every 5-10 min), notably:

rc_service: service 17410: notify_rc restart_dnsmasq

Few lines of restarting firewall then follow and if I check amtm/Skynet, there is everything normal (green line with the number of IPs baned, etc.), no lock file announced.

This (above) I could do from yesterday and still name resolution don't work. I hope some good soul might help me out with some terminal command magic (that I don't know) as otherwise whole family will have internet through my mobile hotspot until this is resolved...

Cannot access even this forum from PC, so this is typed from a phone

Help, please...

P.s.
If I set manual DNS addresses at the PC (instead of automatic from DHCP) PC would resolve domains normally, which just shows that router is the source of the DNS problems

 

[Jeffrey Young]

From your description, dnsmasq is crashing. Is there anything in the logs dnsmasq specific indicating an error?

Disable user scripts and see if the router returns to normal operations. Also if the family needs the internet for work or school, it will get you by until you can troubleshoot.

 

[Jeffrey Young]

PS, I would suspect a corrupted or malformed MAC address in YazDHCP script. I know dnsmasq will fail to start if there is a bad config file or a config file with errors in it. Have had to deal with that myself a time or two.

 

[xmanyes]

PS, I would suspect a corrupted or malformed MAC address in YazDHCP script. I know dnsmasq will fail to start if there is a bad config file or a config file with errors in it. Have had to deal with that myself a time or two.

Thank you for both replies. I disabled the JazDHCP and apparently, this was the culprit... TV started to work right away, so it was as you predicted... dnsmasq was crashing because of YazDHCP, now I only need to find which was the culprit.

Thousand times THANK YOU !!!

 

[xmanyes]

Well... maybe we blamed YazDHCP prematurely...

I only temporarily experienced that connection to TV and clients was restored and after a while it went down again

I reason dnsmasq is also connected with firewall and voila! when I switch off the Firewall (Enable Firewall to Off in asus web interface), connection is back on. Good thing is that now the connection is not interrupted (guess it lasted for the time when dsnmasq could reaload when I unistalled YazDHCP), but bad thing is I don't have firewall...

Apparently dnsmasq / firewall decided yesterday to go rogue for some reason..., any suggestion?

 

[ColinTaylor]

Well... maybe we blamed YazDHCP prematurely...

I only temporarily experienced that connection to TV and clients was restored and after a while it went down again

I reason dnsmasq is also connected with firewall and voila! when I switch off the Firewall (Enable Firewall to Off in asus web interface), connection is back on.

Apparently dnsmasq is somehow broken, any suggestion?

Never turn off the router's firewall. If that's "fixed" your problem then it's coincidental and the true problem lies elsewhere. Turn the firewall back on.

As post #2 said, disable scripts (Administration - System > Enable JFFS custom scripts and configs) until you have the time to diagnose the problem fully.

 

[Jeffrey Young]

Dito on what @ColinTaylor said about turning your fire wall off. The last thing you want is to be left exposed to the greater web.

Look through your syslog carefully for any issues that dnsmasq is reporting prior to it restarting for clues as to what is going on.

 

[xmanyes]

which

Never turn off the router's firewall. If that's "fixed" your problem then it's coincidental and the true problem lies elsewhere. Turn the firewall back on.

As post #2 said, disable scripts (Administration - System > Enable JFFS custom scripts and configs) until you have the time to diagnose the problem fully.

I did that (disabled scripts at Administration - System > Enable JFFS custom scripts and configs), and turned the firewall on, but have this in the log, seems like without the scripts, firewall would not start

Here is the log after that:


Feb 29 16:11:02 rc_service: httpd 1670:notify_rc restart_firewall
Feb 29 16:11:02 custom_script: Found service-event, but custom script execution is disabled!
Feb 29 16:11:02 custom_script: Found firewall-start, but custom script execution is disabled!
Feb 29 16:11:02 custom_script: Found service-event-end, but custom script execution is disabled!
Feb 29 16:11:28 hour_monitor: value = 2(0x2)

It does show like it is "enabled" in Firewall settings... (pic).

And while I know this is not a solution, I am not versed enough to go under the hood and see what is going on with the dnsmasq, this is most likely the main culprit as it was present many times. Too many, if you ask me...

 

[ColinTaylor]

That's fine. It's telling you that it's ignoring your custom scripts, which is exactly what you want it to do.

 

[xmanyes]

Ok, what now? I haven't added those scripts there.

I did uninstalled almost everything (Diversion, Skynet, YazDHCP), to find possible reason, I guess now I can reinstall them back. Are those scripts, that I just disabled, remnants of these "apps" maybe?

 

[LCalrissian]

I am having this issue too after upgrading to 3004.388.6.2 firmware. Did you do the upgrade XMaynes?

I also have an AX58U, running Merlin. I was having an issue where only Apple and Windows clients seemed able to connect but Linux and Android clients could not. I run Diversion; when I disabled Diversion all clients could connect. For now I've disabled diversion and reconfigured DNS to reflect that but I'm unhappy to give up the router-based adblocking, I wonder what is wrong here...

 

[dave14305]

I run Diversion; when I disabled Diversion all clients could connect. For now I've disabled diversion and reconfigured DNS to reflect that but I'm unhappy to give up the router-based adblocking, I wonder what is wrong here...

Diversion has an issue with the new dnsmasq version in 388.6_2 when alternate blocking list is enabled.

 

[xmanyes]

Yes, agte

I am having this issue too after upgrading to 3004.388.6.2 firmware. Did you do the upgrade XMaynes?

I also have an AX58U, running Merlin. I was having an issue where only Apple and Windows clients seemed able to connect but Linux and Android clients could not. I run Diversion; when I disabled Diversion all clients could connect. For now I've disabled diversion and reconfigured DNS to reflect that but I'm unhappy to give up the router-based adblocking, I wonder what is wrong here...

Actually, it happened before firmware upgrade, but I did updated ep in the amtm...

Disabling custom scripts in Administration did it for me...

 

[xmanyes]

Diversion has an issue with the new dnsmasq version in 388.6_2 when alternate blocking list is enabled.

Good to know, will not install Diversion...

 

[dave14305]

Good to know, will not install Diversion...

You can install Diversion. Just don’t enable fast-switch/alternate blocking lists for now.

With all the problems you had and all the random fixes attempted, you probably should just reset to factory default and reconfigure from scratch. Save your syslog first for analysis.