Hi,
I find that DNS is now not working via forward.
The router DNS configuration is pretty much stock standard.
My DNS configuration is:
- “use forwarding” is ticked in the foris configuration
- “Disable DNSSEC” is not ticked in the foris configuration
- “Enable DHCP clients in DNS” is not ticked in the foris configuration
If I untick “use forwarding” then DNS resolution works again, locally.
OpenWrt omnia 15.05 r47055 / LuCI 49c3edd5861fd032fa8379ceda525c27a908a114 branch (git-17.212.24321-49c3edd)
root@turris:/tmp/etc# uname -a
Linux turris 4.4.87-cb5e816fa6b1a6b5342df69755869d71-2 #1 SMP Wed Sep 13 18:51:42 CEST 2017 armv7l n
root@turris:~# ping -c 1 8.8.8.8 | grep “bytes from”
64 bytes from 8.8.8.8: seq=0 ttl=55 time=21.306 ms
root@turris:/tmp/etc# dig www.google.com
; <<>> DiG 9.10.5-P3 <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12323
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.google.com. IN A
;; Query time: 66 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 15 05:04:47 AEST 2017
;; MSG SIZE rcvd: 32
root@turris:~# nslookup www.google.com
nslookup: can’t resolve ‘(null)’: Name does not resolve
nslookup: can’t resolve ‘www.google.com’: Try again
root@turris:~# cat /etc/resolv.conf
search lan
nameserver 127.0.0.1
root@turris:/tmp/etc# ps ww | grep dnsmasq
3211 nobody 892 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf -k -x /var/run/dnsmasq/dnsmasq.pid
3214 root 888 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf -k -x /var/run/dnsmasq/dnsmasq.pid
17309 root 1088 R grep dnsmasq
root@turris:/tmp/etc# cat /tmp/resolv.conf.auto
# Interface wan
nameserver 61.9.211.33
nameserver 61.9.211.1
search telstra.com.au
root@turris:/tmp/etc# dig www.google.com @61.9.211.33
; <<>> DiG 9.10.5-P3 <<>> www.google.com @61.9.211.33
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27915
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 173 IN A 216.58.199.36
;; Query time: 8 msec
;; SERVER: 61.9.211.33#53(61.9.211.33)
;; WHEN: Fri Sep 15 04:56:35 AEST 2017
;; MSG SIZE rcvd: 59
root@turris:/tmp/etc# dig www.google.com @61.9.211.1
; <<>> DiG 9.10.5-P3 <<>> www.google.com @61.9.211.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4259
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 145 IN A 216.58.203.100
;; Query time: 12 msec
;; SERVER: 61.9.211.1#53(61.9.211.1)
;; WHEN: Fri Sep 15 04:59:55 AEST 2017
;; MSG SIZE rcvd: 59
The nslookup commands below fail when “use forwarding” is configured:
root@turris:/tmp/etc# nslookup www.google.com 61.9.211.33
Server: 61.9.211.33
Address 1: 61.9.211.33
nslookup: can’t resolve ‘www.google.com’: Try again
root@turris:/tmp/etc# nslookup www.google.com 61.9.211.1
Server: 61.9.211.1
Address 1: 61.9.211.1
nslookup: can’t resolve ‘www.google.com’: Try again
Nslookup on windows on the same network it works fine with explicit server configuration:
C:> nslookup
Default Server: UnKnown
Address: fda5:7a90:47f9::1
server 61.9.211.33
Default Server: [61.9.211.33]
Address: 61.9.211.33
www.google.com
Non-authoritative answer:
Server: [61.9.211.33]
Address: 61.9.211.33
Name: www.google.com
Addresses: 2404:6800:4006:803::2004
216.58.220.100
server 61.9.211.1
Default Server: dns-cust.woo.bigpond.net.au
Address: 61.9.211.1
www.google.com
Non-authoritative answer:
Server: dns-cust.woo.bigpond.net.au
Address: 61.9.211.1
Name: www.google.com
Addresses: 2404:6800:4006:809::2004
216.58.203.100