Turris DNS problem with sparkys.cz

Yesterday, I’ve experienced nasty problem with turris dns with the latest stable firmware. Even with dnssec dissabled and dns forwarding disabled it cannot resolve address sparkys.cz. The only solution was to enable dns forwarding.

I’m very very disappointed with turris which fails in the most basic functions…

Could you provide us some detail about your router?
Do you have old blue Turris 1.x or Omnia?
Which DNS resolver do you used … Knot or Unbound?

On my Turris 1.x with Unbound “sparkys.cz” works well!

Hello @Radovan_Haban,

Thank you for letting us know about the issue, which you have found about that you can not resolve sparkys.cz. To be able to look, where the issue could be we need additional details, which contains sensitive data. For debugging DNS problems, in our documentation, we have the article how you can gather verbose logs and send to us, so we’d be able to look at it.

It’s also very useful to send us diagnostics first before you start going through the article, which I mention because sometimes the issue is not in the router itself, but mostly related to ISP’s DNS servers.

I looked, where the sparkys.cz is hosted. I see they’re hosted at IGNUM.
There is a high chance that this bug is fixed in the Turris OS 3.11, where we updated to the Knot Resolver 3.1.0, where developers of Knot Resolver fixed the issue, which you mention. Also, you have found the workaround, which works. To avoid this bug is necessary to enable DNS forwardings in Foris, but you need to forward to some reliable DNS servers or you can upgrade to Turris OS 3.11, which is currently in the RC, where I think is the most interest thing that you can choose DNS server from a provided list and some of them with support of DNS over TLS. Why is the DNS over TLS good you can read the article on root.cz, which unfortunately is only in Czech.


Maybe rebellious toys? :grinning::rofl:


Oh no! :slight_smile:

Maybe some problem like this - I see the domain “sparkys.cz” is hosted on IGNUM infrastructure.

Maybe switch on current RC version of TurrisOS (3.11) helps to @Radovan_Haban to solving the problem.

1 Like

I have Omnia router.

OK, thanks … then the post of @Pepe or link in my previous post are suitable for solving your problem.

I have similar issues with linkedin.com, mobilmania.cz, zive.cz or technet.cz. Time to time these addresses cannot be resolved. The solution is to enable/disable DNSSEC - depends in which stat it is. It happens lets say every two weeks. I am on UPC and Turris Omnia.

Yes, that sounds the same, at least part of the problems you experience.