DNS resolving is unstable

dajs · May 4, 2017, 6:03pm

Hello,

the DNS resolving on my Turris Omnia is unstable, and has been for months. Is that a known issue? Is there a fix?

The Turris Omnia often (several times a week) stops resolving some (seemingly random) domain names, both for websites and mailservers. At the same time, many other domain names resolve fine.

Less often, DNS resolving completely stops working.

I can always fix these issues with a reboot.
I can sometimes fix these issues by going to http://192.168.0.1/config/dns/ and clicking on “Test connection”. After that, all domain names are resolved correctly.

Background: I have no IPv6 connectivity, all other tests result in “OK”.

Device Turris Omnia - RTROM01
Turris OS version 3.6.3
Kernel version 4.4.59-627f0117679bc72ef5e58881035f567a-4

There is currently no VPN on the router.

vcunat · May 12, 2017, 3:46pm

Do you have forwarding disabled or enabled? If enabled, where do you forward to?

dajs · May 12, 2017, 6:29pm

Forwarding is disabled.

vcunat · May 12, 2017, 9:03pm

OK. I suspect it might be about NS reputation tracking, related to recent serious problems that affected some people.

If you want to work around it, I’d suggest to use forwarding (which has other disadvantages). I would ask you to confirm my suspicions by generating logs, but the support UI for that is being reworked ATM and probably doesn’t work.

czbird · May 12, 2017, 10:37pm

I gave up already. Omnia had constant issues with accessing webpages and mailboxes. It’s been like that since the very beginning. All magically went away when I enabled DNS forwarding. This however rendered DNSSEC not working. So, all the gems like “have your own dns resolver” and “enjoy safer surfing with DNSSEC” are unfortunately no-go for me. Quite a shame.

vcunat · May 14, 2017, 1:27pm

I agree the DNS resolver issues are unfortunate. I’ve been using knot-resolver for months without encountering problems in resolvability, but there have been many people with issues.

jfrodsham · November 4, 2017, 5:54pm

So apparently we are still waiting for a fix? My ability to resolve addresses is terrible. I am getting ready to buy a new router. Like others have said we are being asked to edit config files via putty… I don’t even know how to enable SSH on the router.

Edit: SSH works now. I guess maybe an update resolved that, so at least I can SSH if need be.

vcunat · November 4, 2017, 6:36pm

That linked problem was fixed long time ago, and I haven’t noticed anyone confirming such problems since then. I assume you have Turris Omnia in recent version.

What is your DNS settings in Foris? (forwarding, DNSSEC, connection test results)

jfrodsham · November 4, 2017, 6:45pm

Use Forwarding: Not checked
Diable DNS: Not checked
Enable DHCP clients in DNS: Checked
Domain of DHCP clients in DNS: ‘Lan’

Test type Status
IPv4 connectivity OK
IPv4 gateway connectivity OK
IPv6 connectivity OK
IPv6 gateway connectivity OK
DNS OK
DNSSEC OK

My Chrome browser hangs on “Resolving Host” for long periods and sometimes times out. I can fix by rebooting the router.

Thank you,
Justin

PS… My router had been rebooted recently, but when I see the problem the tests pass.

jfrodsham · November 4, 2017, 7:59pm

Started getting more resolving delays… ran the test again, it took longer, but it still passed.

Pepe · November 5, 2017, 2:24am

The question is, which version of Turris OS do you have?

Is it better, when you enable forwarding?

Does it happens on all your websites, which you are visiting or only on some?

Are you trying it on WiFI (maybe some interference?) or on cable?

jfrodsham · November 5, 2017, 4:28pm

The question is, which version of Turris OS do you have?

Doesn’t it auto update?

Device Turris Omnia - RTROM01
Serial number 47244678899
Turris OS version 3.8.4
Kernel version 4.4.91-cb5e816fa6b1a6b5342df69755869d71-0

Is it better, when you enable forwarding?

I can try.

Does it happens on all your websites, which you are visiting or only on some?

Any site not in the cache.

Are you trying it on WiFI (maybe some interference?) or on cable?

That is not a factor.

harriman · November 6, 2017, 10:20am

The problem may be this. It should be fixed in the next update, 3.8.5.

vcunat · November 6, 2017, 11:06am

No, I find that very unlikely, unfortunately.

harriman · November 6, 2017, 11:43am

These are the symptoms I experienced, which I now can fix (thanks to your explanation) by manually correcting the /var/run/resolver.pid file.

For a little while every 10 minutes, no DNS resolution occurs while - due to a bug - kresd restarts. While kresd is restarting, DNS requests appear very slow; sometimes they time out and the browser thinks the domain name does not exist. A few seconds later, kresd is back up and it works nicely for the next 10 minutes.

My symptoms were similar to jfrodsham’s short description, “browser hangs on ‘Resolving Host’ for long periods and sometimes times out.”

vcunat · November 6, 2017, 11:55am

I understood the description in the way that the state takes longer than a couple seconds. If it’s very short, that might be it.