Intermittent DNS failure? Dnsmasq hanging? 384.19 on RT-AX88U

johnv621

New Around Here
Hi all,

I've had my AX88U setup running well for several months (Diversion, SkyNet, YazFi, etc.). The issue below seemed to start occurring when I recently upgraded to 384.19. I've tried various logs/troubleshooting and can't figure out the root cause. Basically the router appears to intermittently stop responding to client DNS requests. The effect is that 70-80% of my browsing is normal, and the rest of the time I have to reload pages multiple times before the DNS resolves and the pages load. I've done several speed/load tests and there don't seem to be any connectivity issues, so I'm convinced it's a DNS problem. A few pages will load correctly, and then every few minutes one will "time out" several times but then load ~30 seconds later.

Current config is:
1601458012673.png

and I have several of the Preset IPv4 servers selected.

1601458313494.png


Using nslookup and Wireshark on the client, the client is correctly pointed to the router DNS server, but the response is "Server Fail". During this "outage", a dig command on the router for the same domain *DOES* complete successfully. Using Diversion 'f' to follow dnsmasq, the client query doesn't show up. The log will 'freeze' for 10-30 seconds, and then all of a sudden a flood of requests will come through (including the initial client request). Once this happens, a query response is received and the client page eventually loads.

If I set the clients to bypass the router DNS, everything works fine. But, I'd like to get it fixed so I can use DoT on the router.

Thoughts? Thanks in advance!
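
Added example, not part of the original post: a small Python script that scans a dnsmasq query log for the pattern described above, a silent gap of 10 seconds or more followed by a flood of queued client queries. The log lines, addresses, thresholds and function names are constructed for illustration and assume dnsmasq's usual syslog-style line format.

```python
import re
from datetime import datetime

# Constructed sample in dnsmasq's syslog-style log format (not from the thread).
SAMPLE_LOG = """\
Sep 30 10:15:01 dnsmasq[1234]: query[A] example.com from 192.168.1.10
Sep 30 10:15:01 dnsmasq[1234]: forwarded example.com to 192.0.2.53
Sep 30 10:15:02 dnsmasq[1234]: reply example.com is 192.0.2.10
Sep 30 10:15:03 dnsmasq[1234]: query[A] example.org from 192.168.1.11
Sep 30 10:15:27 dnsmasq[1234]: query[A] example.net from 192.168.1.10
Sep 30 10:15:27 dnsmasq[1234]: query[A] example.net from 192.168.1.10
Sep 30 10:15:27 dnsmasq[1234]: query[AAAA] example.net from 192.168.1.10
Sep 30 10:15:27 dnsmasq[1234]: query[A] example.edu from 192.168.1.12
Sep 30 10:15:28 dnsmasq[1234]: reply example.net is 192.0.2.10
Sep 30 10:15:40 dnsmasq[1234]: query[A] example.com from 192.168.1.10
"""

LINE_RE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: (\S+) (\S+)")

def parse(log_text, year=2020):
    """Yield (timestamp, action, name) per dnsmasq line; syslog omits the year."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3)

def find_stalls(log_text, min_gap=10, burst_window=1, min_burst=3):
    """Return stalls: a silent gap of at least min_gap seconds followed, within
    burst_window seconds of logging resuming, by at least min_burst queries."""
    events = list(parse(log_text))
    stalls = []
    for i in range(1, len(events)):
        gap = (events[i][0] - events[i - 1][0]).total_seconds()
        if gap < min_gap:
            continue
        start = events[i][0]
        burst = [e for e in events[i:]
                 if (e[0] - start).total_seconds() <= burst_window
                 and e[1].startswith("query")]
        if len(burst) >= min_burst:
            stalls.append({"resumed": start.strftime("%H:%M:%S"),
                           "gap_s": int(gap), "burst_queries": len(burst)})
    return stalls

if __name__ == "__main__":
    for stall in find_stalls(SAMPLE_LOG):
        print(stall)
```

An ordinary quiet period (the 12-second gap before the last line of the sample) is not reported, because only one query follows it; correlating the reported `resumed` times with client-side SERVFAIL timestamps shows whether the stall is in dnsmasq or upstream of it.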
 

lorkadiscovery

Occasional Visitor
What are you using as the DoT servers?

I had the same issue using Quad9 as the DoT servers, but now using Google for the DNS servers and Cloudflare as DoT I don't get the issue anymore.
 

det721

Very Senior Member
Don't use Cloudflare. I had weird issues every time I used them; going to Google DNS fixed them all.
 

Yo_2T

Occasional Visitor
I've had the same issue every time I switch to using DoT. For me it just flashes for like a second (showing DNS lookup error) and then it loads normally. Happens randomly, but more frequently with Quad9 and CF. Google DNS seems the most stable on DoT but it still happens once every few days.
 

adrenalize

Occasional Visitor
I've experienced similar here using DoT on an AX88U. I had been using Quad9 for a while with no issues, then had a few things showing DNS failure, like my TV and VoIP phone not registering - I guess they tried DNS once and gave up rather than retrying - then a few weeks back it pretty much stopped altogether. Changed to Cloudflare DoT and all working fine. I have seen a few Twitter posts on Quad9 about performance and a reply from Bill Woodcock mentioning DoT obviously has a fairly big increase on overhead (both ends) and sounds like some servers may be at capacity: http://www.snbforums.com/threads/changing-dns-server-to-quad9.66404/post-619311
 
