DNS server settings causing regular intermittent internet outages

Comments

26 comments

  • Avatar
    mattwilson9090

    More than likely this is an issue with your ISP, or one of their upstream connections to OpenDNS. As a first step in troubleshooting please respond to the following

    What happens when you go to the following website? What message do you receive? http://welcome.opendns.com/

     

    If you are trying to block adult websites, what happens when you go to this website? http://www.exampleadultsite.com/

     

    Please copy and paste the complete output of the following commands. If you choose to provide a screenshot rather than pasting the text do not provide a link to a third party website since it's very possible that the security conscious people reading this forum have that domain blocked. Instead use the "Attach file" link at the bottom of this page. Note, the periods at the end of each command are part of the command, do not omit them or the results won't be usable for diagnostic purposes.

     

    nslookup -type=txt debug.opendns.com.

     

    nslookup www.exampleadultsite.com.

     

    ipconfig/all

    0
    Comment actions Permalink
  • Avatar
    as147

    A bit more information for you. I put back the OpenDNS primary and secondary DNS server settings on my router but switched off parental controls. Access to was much better (almost perfect). It's possible that if there were problems with my ISP they may have been resolved but it's probably too soon to tell.

    My settings OpenDNS settings are
    Live Parental controls: Enabled
    Filtering level: Low (Protects against pornography and phishing attacks)

    On the Netgear site the parental controls show

    Default settings
    12:00am to 5:00am Minimal
    All other times (default) Low
    Add a block time 12:00am - 12:00am Low

    User settings are set as above
    Bypass account: User

     

    I have now run the tests you requested (results below). I ran them at 11pm and am NOT logged into a bypass account

    going to http://welcome.opendns.com/ - worked

    going to http://www.exampleadultsite.com/ displayed the page rather than block it.

    The nslookup -type output produced:

    1.1.168.192.in-addr.arpa
            primary name server = localhost
            responsible mail addr = nobody.invalid
            serial  = 1
            refresh = 600 (10 mins)
            retry   = 1200 (20 mins)
            expire  = 604800 (7 days)
            default TTL = 10800 (3 hours)
    Server:  UnKnown
    Address:  192.168.1.1

    debug.opendns.com       text =

            "server 3.syd"
    debug.opendns.com       text =

            "device 00007ABF1212FAD5"
    debug.opendns.com       text =

            "flags 422 0 8010 1840000000000000000"
    debug.opendns.com       text =

            "originid 27456154"
    debug.opendns.com       text =

            "actype 1"
    debug.opendns.com       text =

            "bundle 27456154"
    debug.opendns.com       text =

            "source 122.107.216.203:44104"

    The nslookup www.exampleadultsite.com output produced:

    1.1.168.192.in-addr.arpa
            primary name server = localhost
            responsible mail addr = nobody.invalid
            serial  = 1
            refresh = 600 (10 mins)
            retry   = 1200 (20 mins)
            expire  = 604800 (7 days)
            default TTL = 10800 (3 hours)
    Server:  UnKnown
    Address:  192.168.1.1

    Name:    www.exampleadultsite.com
    Address:  67.215.92.210

     

    Ipconfig/all produced:

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : WMC2
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No

    Ethernet adapter Ethernet:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Intel(R) 82566DC-2 Gigabit Network Connection
       Physical Address. . . . . . . . . : 00-22-19-25-AA-E2
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::ed02:7986:2365:223b%11(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Wednesday, 3 August 2016 1:35:06 AM
       Lease Expires . . . . . . . . . . : Saturday, 6 August 2016 6:00:35 PM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DHCPv6 IAID . . . . . . . . . . . : 201335321
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-FF-D0-81-00-22-19-25-AA-E2
       DNS Servers . . . . . . . . . . . : 192.168.1.1
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.{CCE7E4B5-6BE2-4509-94F5-1438B58C1A2A}:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:1c51:2d43:8594:2734(Preferred)
       Link-local IPv6 Address . . . . . : fe80::1c51:2d43:8594:2734%4(Preferred)
       Default Gateway . . . . . . . . . : ::
       DHCPv6 IAID . . . . . . . . . . . : 285212672
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-FF-D0-81-00-22-19-25-AA-E2
       NetBIOS over Tcpip. . . . . . . . : Disabled

    0
    Comment actions Permalink
  • Avatar
    as147

    Sorry, my first paragraph above was meant to say this (see highlighted text):

    "I put back the OpenDNS primary and secondary DNS server settings on my router but switched off parental controls. Access for the last week was much better (almost perfect). For these tests I switched parental controls on and for the last hour its been fine. It's possible that if there were problems with my ISP they may have been resolved but it's probably too soon to tell.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    It looks like you try to use both in parallel, OpenDNS Home and Netgear LPC.  You cannot do this due to their incompatibility.  Decide for the one or other.

    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    And then when you decide you need to completely remove all settings for the one you aren't using, both on your own network, as well as in the dashboard.

    0
    Comment actions Permalink
  • Avatar
    as147

    What do you mean using both OpenDNS and Netgear LPC? Isn't LPC just a front end/branding for OpenDNS?

    When you go into Netgear parental controls on the router via the web interface it takes you to http://netgear.opendns.com/ Live Parental Controls (LPC) is just the name Netgear gives OpenDNS support isn't it?

    See attached bitmap. When you go to support on the above website you get to https://opendns.zendesk.com/forums/21313122-Netgear-Live-Parental-Controls

    If these are two different applications what are the two programs that support them?




    Untitled.jpg
    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    No, LPC is not a front end or branding for OpenDNS. It is a completely separate solution that uses OpenDNS technology to provide the DNS related portions of it's functionality. It is incompatible with all other OpenDNS products, including OpenDNS Home (the free product) and Umbrella.

    Bottom line, if you want to use LPC you have to delete anything that is configured at https://dashboard.opendns.com/ as well as removing OpenDNS DNS addresses that you have manually configured on the router. Unless you do both of those things you will effectively be using two incompatible products and will receive inconsistent results.

    0
    Comment actions Permalink
  • Avatar
    as147

    All my settings are performed from the Netgear router web interface or the Netgear Genie local application. So it is likely that other than an openDNS account (which I think is used by LPC) I have incorrectly stated the facts and am not actually using OpenDNS. I haven't set any DNS addresses manually other than those given to me by the ISP when I started to try and troubleshoot this issue. Prior to this the primary and secondary DNS IP addresses appear on my router when I switch on LPC (or as I incorrectly stated OpenDNS). Only when I switch off parental controls am I able to change the primary and secondary addresses on the router to my ISP's DNS settings.

    Can you advise me how I go about using OpenDNS instead of LPC (as I know how to use and switch off LPC) but have no idea how to configure my network for OpenDNS. When I look at OpenDNS dashboard it states I have an account but no networks and I see references to OpenDNS Updater. Thanks for your help.

     

    I just checked the openDNS dashboard and there doesn't seem to be anything setup.

    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    After disabling LPC, Go to this link https://www.opendns.com/home-internet-security/ and click on the SIGN UP button for OpenDNS Home. It will walk you through the steps you need to follow. In a nutshell you'll be adding the OpenDNS addresses to the router, configuring a way to register (and update) your public IP address with your OpenDNS account, and then configuring your OpenDNS settings on your dashboard.

    Assuming OpenDNS Home works for you and you decide to stay with it instead of LPC you'll need to delete all of the settings you have at netgear.opendns.com

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    The problem seems to be that your IP address 122.107.216.203 is registered with OpenDNS network ID 27456154.  So the settings of this dashboard network may take precedence over your LPC settings and ignoring the latter.

    Your IP address information may be registered by another OpenDNS user, so you want to open a support ticket to get this removed.

    0
    Comment actions Permalink
  • Avatar
    as147

    Hi rotblitz, how is this happening if I am not actually using OpenDNS but using Netgear LPC? I have logged a ticket as suggested

    0
    Comment actions Permalink
  • Avatar
    as147

    Folks, a big question is on LPC I had the ability to have time based or user based exclusions to the filtering rules. These don't appear to be available in Home Internet. Is there a free solution or is that part of the paid service?

     

    Mattwilson9090, you can understand why I think LPC and OpenDNS are the same product

    1. LPC and OpenDNS use the same account so no need to setup another one. I chose the Home Internet Security as you recommended and it wouldn't let me create a new account but I could log on with the currently defined account being used by LPC.
    2. The primary and secondary DNS settings are identical to the OpenDNS home settings 208.67.222.222 & 208.67.220.220

    I have disabled LPC - not deleted any settings on netgear.opendns.com yet

    I registered my public IP addresses with my OpenDNS account? I assume I keep it up to date with OpenDNS-Updater-2.2.1.exe (downloaded not yet run)?

    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    LPC is the only OpenDNS related product that has any sort of time based filtering. User or machine based filtering is possible with the different flavors of Umbrella when you install the agent on an individual device. So far as I know all the paid products allow the use of a bypass account or code, you wouldn't have automatic machine or user based settings, but you also wouldn't need to install or use the agent.

    Yes, you either need the Updater, or some other updating method, such as a router that supports updates directly to OpenDNS or via DNS-O-Matic to keep your IP address updated.

    0
    Comment actions Permalink
  • Avatar
    as147

    Thanks for the quick response Matt. So back to the a point which I think is now proven to be correct. I don't think I was using both products at the same time!

    1. LPC and OpenDNS they use the same account (you setup an account via LPC but it creates it on OpenDNS)
    2. LPC uses the same DNS addresses that OpenDNS Home Security uses
    3. I didn't have any networks setup in OpenDNS

    Do you agree?

    If so then this is the issue!

    Do you think Rotblitz might be correct when he states the below....
    "The problem seems to be that your IP address 122.107.216.203 is registered with OpenDNS network ID 27456154.  So the settings of this dashboard network may take precedence over your LPC settings and ignoring the latter. Your IP address information may be registered by another OpenDNS user, so you want to open a support ticket to get this removed"

    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    Yes, that's most likely the case since the diagnostic results indicated that your IP address was registered to an OpenDNS account. If you didn't have a network associated with your account, then the network must have been associated with someone else's account, which would certainly lead to unexpected filtering results.

    0
    Comment actions Permalink
  • Avatar
    as147

    Thanks Matt. What in the diagnostic is stating 122.107.216.203 is registered with OpenDNS network ID 27456154.

    I can see this in the diagnostic output but not sure what it is saying. Does originid mean that belongs to OpenDNS?

    "originid 27456154" debug.opendns.com text = "actype 1"
    debug.opendns.com       text = "bundle 27456154"

    My internet service is now working more reliably (I assume because the public facing IP allocated to me by my ISP is talking directly to OpenDNS DNS servers). As recommended I opened a ticket with OpenDNS a few days ago.

    0
    Comment actions Permalink
  • Avatar
    as147

    Folks, I am further convinced that the two products can work together and are designed to do so. At the top of the OpenDNS dashboard stats page there is a link http://netgear.opendns.com/ that is called "manage your NETGEAR device" and it shows the LPC settings as I described earlier i.e. the filtering level and exclusion times etc.

    Comments?

     

    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    Just because two different products share some of the same infrastructure (such as DNS server addresses or account login credentials) does not mean they are complementary or can work together.

    LPC and OpenDNS most definitely were NOT designed to work together. There are many years of messages in which OpenDNS employees have posted in this forum where they state that the two products are not compatible, and that you have to choose which one you want to use, and then completely decommission the other one. No one here is going to tell you otherwise, or provide any support or advice in getting the two to work together.

    0
    Comment actions Permalink
  • Avatar
    as147

    Matt I appreciate what everyone is saying but I have no information from anyone saying "how" I am supposedly using OpenDNS? This is the key question.

    • I didn't have a network defined in the dashboard or any other dashboard settings
    • I am not using dnsupdater

    I temporarily just setup OpenDNS and switched off LPC and everything is stable. I wish to switch back to LPC so apart from deleting the network I have defined what else is required? I can see there are tick boxes selected in the various dashboard settings (probably as a default to the network I temporarily setup). If when removing the network these boxes don't clear themselves should I also untick them? e.g. collect stats, dynamic update enabled, phishing protection

     

    Lastly, I just received a response from the OpenDNS ticket regarding

    "The IP address you submitted has been registered to you and there was no other OpenDNS client using this IP address (122.107.216.203)."

    So the suggestion from Rotblitz (below) has been discounted

    The problem seems to be that your IP address 122.107.216.203 is registered with OpenDNS network ID 27456154.  So the settings of this dashboard network may take precedence over your LPC settings and ignoring the latter. Your IP address information may be registered by another OpenDNS user, so you want to open a support ticket to get this removed

    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    Delete the network you have setup on the OpenDNS dashboard. Remove any other settings you manually added anywhere. Reenable LPC. I'm done with this thread so if you have any other issues I suggest opening a ticket with OpenDNS.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "So the suggestion from Rotblitz (below) has been discounted"

    OpenDNS' response rather indicates that my suggestion holds true.  I raised it two days before, and a lot can change regarding IP address assignments during two days. 
    Definitely, at this time (on Aug 7) your IP address information was registered with another OpenDNS network.  This user may have run another update in the meantime which freed up your IP address information.

    0
    Comment actions Permalink
  • Avatar
    iguanac64

    I've been having the same problem as the original poster.  I do not have a Netgear router.  I have my Century Link provided router with no child controls enabled (it has none).  Over the last couple of months, maybe every few days.  It goes away after about 10-20 minutes...about the time it takes to start realizing there's an issue and going to investigate.

    When it's happening, I can ping IP addresses, but no name resolution works.  I change my comp's DNS settings to Google and my name resolution works again.

    I realized I had not run the IP updater in a while and my public IP was significantly different from what was on my OpenDNS page.

    I downloaded the updater and everything looks right on my OpenDNS profile.  I asked my wife to let me know if it happens again.  If you don't hear from me, then running the IP updater prolly nailed it.

    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    The Updater (or anything that provides similar functionality) is not something that should only be run occasionally, or when you think there are problems. It is something that needs to be running at all times, so that changes in your IP address are detected automatically and immediately, and automatically updated, resulting in no loss of service or protection.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    @iguanac64
    "I've been having the same problem as the original poster."

    No, you don't, because you "do not have a Netgear router".  The problem was specific to Netgear LPC only.  It cannot happen with a different router.

    "When it's happening, I can ping IP addresses, but no name resolution works."

    In this case your problem is not related to the Updater either.  It looks like a bug in the router's firmware.

    0
    Comment actions Permalink
  • Avatar
    iguanac64

    Thanks, Matt...it wasn't intentional, just forgot to install it when I built my new computer a couple of years ago.  Problem hasn't reoccurred in last three days since I ran the updated after reading your messages.

    Rotblitz, possible...but my symptoms are exactly the same as the original poster's which is how I got to this thread.  Same router last two+ years...only recently having the problem.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "Same router last two+ years...only recently having the problem."

    Not changing anything is never a good argument for anything, especially not in IT.  Rather to the contrary.  Sometimes it is mandatory to change something to keep things going, because everything else around changes all the time.

    0
    Comment actions Permalink

Please sign in to leave a comment.