1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Newbie question: can do ping on router, but not on clients...

Discussion in 'Asuswrt-Merlin' started by Bamsefar, Jan 20, 2020.

  1. Bamsefar

    Bamsefar Senior Member

    Joined:
    Oct 11, 2014
    Messages:
    321
    So I can ping
    login003.stockholm.se
    on my AX88 router - works perfect. GUI and commandline, both works just great.

    However my clients, windows/linux/android, can not.

    I use Diverson and Skynet - both are disabled !
    It does not matter, on the router I can, on the clients I can not...

    So why I wonder - what is it that I am missing? must be something easy - I am feeling like a newbie...

    I did have a look at the log for dnsmasq and it seems to set the adress to 127.1.1.0 - no matter what. And yet again, the router has no problems with name resolution - just the clients...
     
  2. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    10,617
    Location:
    UK
    What do the clients get from an nslookup?

    Code:
    C:\>nslookup login003.stockholm.se
    Server:  RT-AC68U.home.lan
    Address:  192.168.1.1
    
    Non-authoritative answer:
    Name:    login003.id.stockholm.se
    Address:  217.21.237.96
    Aliases:  login003.stockholm.se
     
  3. Bamsefar

    Bamsefar Senior Member

    Joined:
    Oct 11, 2014
    Messages:
    321
    That is a very good question, and the result is:
    Code:
    Windows:
    C:\>nslookup login003.stockholm.se
    Server:  router.asus.com
    Address:  10.168.1.1
    
    *** router.asus.com can't find login003.stockholm.se: Server failed
    
    Code:
    Linux/Ubuntu 18.04LTS:
    > nslookup login003.stockholm.se
    Server:         127.0.0.53
    Address:        127.0.0.53#53
    
    ** server can't find login003.stockholm.se: SERVFAIL
    
    Code:
    Asus router:
    # nslookup login003.stockholm.se
    Server:    9.9.9.9
    Address 1: 9.9.9.9 dns9.quad9.net
    
    Name:      login003.stockholm.se
    Address 1: 217.21.237.96 login003.id.stockholm.se
    
    Do note that I can access stockholm.se - but not the login003.stockholm.se.
     
  4. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    10,617
    Location:
    UK
    Is your router's address really 10.168.1.1 ?
     
  5. Bamsefar

    Bamsefar Senior Member

    Joined:
    Oct 11, 2014
    Messages:
    321
  6. Bamsefar

    Bamsefar Senior Member

    Joined:
    Oct 11, 2014
    Messages:
    321
    And what was wrong? DNS-over-TLS was on, and that made connections from client to not work, but it did work from Asus router.

    Still do not get why that kind of did not work, why is the router using different DNS method/connection instead of the DoT setup?
     
  7. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    10,617
    Location:
    UK
    Code:
    384.12 (22-June-2019)
      - CHANGED: The router will now use ISP-provided resolvers
                 instead of local dnsmasq when attempting to
                 resolve addresses, for improved reliability.
                 This reproduces how stock firmware behaves.
                 This only affects name resolution done
                 by the router itself, not by the LAN clients.
                 The behaviour can still be changed on the
                 Tools -> Other Settings page.
     
    Bamsefar likes this.
  8. Bamsefar

    Bamsefar Senior Member

    Joined:
    Oct 11, 2014
    Messages:
    321
    So quad9 does not resolve login003.stockholm.se - but works for stockholm.se, go figure....
     
  9. Bamsefar

    Bamsefar Senior Member

    Joined:
    Oct 11, 2014
    Messages:
    321
    Have to reopen this....

    Changed to Cloudflare, and thought that would solve this. It did not.

    If I use 1.1.1.1 / 1.0.0.1 as static DNS, and not using DoT, it works.
    Turning on DoT, Cloudflare, I still are refused to get login003.stockholm.se resolved.

    Since 1.1.1.1 and cloudflare-dns.com under DoT should be the same right, but DoT will not resolve.

    So I had to turn off DoT for accessing login003.stockholm.se (which is a site that keeps track of where I am in the que to rental appartments in Stockholm, so not something direct special I would say). I simply do not get this....
     
  10. Bamsefar

    Bamsefar Senior Member

    Joined:
    Oct 11, 2014
    Messages:
    321
    Google DoT works....

    And now that I changed back to Cloudflare this works again. I am back at the privious config that did not work, and now it works.....