DNS Resolution not working

Cowgirl · January 6, 2017, 4:39pm

Hello Folks,

i managed to bring my PPPOE Connection to German Telekom Up and runing. I can access the internet when talking to the telekom dns server from my client directly.
But i can not use the DNS Server/Forwarder on my router.

PPPOE is on eth1.7

root@turris:/etc/config# nslookup www.heise.de
nslookup: can’t resolve ‘(null)’: Name does not resolve

/var/resolve.conf.auto contains:
nameserver 217.237.150.188
nameserver 217.237.151.142

Interface wan_vlan7_6

nameserver 2003:180:2:b000::53
nameserver 2003:180:2:a000::53

DNS Server is reachable from the router:

root@turris:/tmp# ping 217.237.150.188
PING 217.237.150.188 (217.237.150.188): 56 data bytes
64 bytes from 217.237.150.188: seq=0 ttl=60 time=18.120 ms
64 bytes from 217.237.150.188: seq=1 ttl=60 time=18.523 ms
64 bytes from 217.237.150.188: seq=2 ttl=60 time=18.297 ms
64 bytes from 217.237.150.188: seq=3 ttl=60 time=18.275 ms
64 bytes from 217.237.150.188: seq=4 ttl=60 time=18.243 ms
64 bytes from 217.237.150.188: seq=5 ttl=60 time=18.476 ms
^C

Test type Status
IPv4 connectivity OK
IPv4 gateway connectivity Error
IPv6 connectivity OK
IPv6 gateway connectivity OK
DNS Error
DNSSEC Error

root@turris:/tmp# ps
PID USER VSZ STAT COMMAND
1 root 1352 S /sbin/procd
2 root 0 SW [kthreadd]
3 root 0 SW [ksoftirqd/0]
5 root 0 SW< [kworker/0:0H]
7 root 0 SW [rcu_sched]
8 root 0 SW [rcu_bh]
9 root 0 SW [migration/0]
10 root 0 SW [migration/1]
11 root 0 SW [ksoftirqd/1]
12 root 0 SW [kworker/1:0]
13 root 0 SW< [kworker/1:0H]
14 root 0 SW< [netns]
15 root 0 SW [kworker/u4:1]
141 root 0 SW< [writeback]
143 root 0 SW< [crypto]
144 root 0 SW [kworker/1:1]
145 root 0 SW< [bioset]
147 root 0 SW< [kblockd]
187 root 0 SW [kswapd0]
188 root 0 SW< [vmstat]
189 root 0 SW [fsnotify_mark]
238 root 0 SW [kworker/0:1]
251 root 0 SW [spi0]
256 root 0 SW< [bioset]
261 root 0 SW< [bioset]
369 root 0 SW [irq/94-8-0071]
375 root 0 SW [irq/45-mmc0]
396 root 0 SW< [ipv6_addrconf]
401 root 0 SW< [bioset]
403 root 0 SW< [deferwq]
406 root 0 SW< [bioset]
408 root 0 SW [mmcqd/0]
409 root 0 SW< [bioset]
410 root 0 SW [mmcqd/0boot0]
412 root 0 SW< [bioset]
413 root 0 SW [mmcqd/0boot1]
414 root 0 SW< [bioset]
415 root 0 SW [mmcqd/0rpmb]
426 root 0 SW< [btrfs-worker]
427 root 0 SW< [kworker/u5:0]
428 root 0 SW< [btrfs-worker-hi]
429 root 0 SW< [btrfs-delalloc]
430 root 0 SW< [btrfs-flush_del]
431 root 0 SW< [btrfs-cache]
432 root 0 SW< [btrfs-submit]
433 root 0 SW< [btrfs-fixup]
434 root 0 SW< [btrfs-endio]
435 root 0 SW< [btrfs-endio-met]
436 root 0 SW< [btrfs-endio-met]
437 root 0 SW< [btrfs-endio-rai]
438 root 0 SW< [btrfs-endio-rep]
439 root 0 SW< [btrfs-rmw]
440 root 0 SW< [btrfs-endio-wri]
441 root 0 SW< [btrfs-freespace]
442 root 0 SW< [btrfs-delayed-m]
443 root 0 SW< [btrfs-readahead]
444 root 0 SW< [btrfs-qgroup-re]
445 root 0 SW< [btrfs-extent-re]
446 root 0 SW [btrfs-cleaner]
447 root 0 SW [btrfs-transacti]
448 root 0 SW< [kworker/0:1H]
450 root 0 SW< [kworker/1:1H]
468 root 0 SW [jfsIO]
469 root 0 SW [jfsCommit]
470 root 0 SW [jfsCommit]
471 root 0 SW [jfsSync]
474 root 0 SW< [xfsalloc]
475 root 0 SW< [xfs_mru_cache]
481 root 0 SW< [ata_sff]
508 root 0 SW [scsi_eh_0]
509 root 0 SW< [scsi_tmf_0]
512 root 0 SW [scsi_eh_1]
513 root 0 SW< [scsi_tmf_1]
778 root 832 S /sbin/ubusd
827 root 704 S /sbin/askfirst /bin/ash --login
864 root 0 SW [irq/41-f1090000]
865 root 0 SW [irq/42-f1090000]
941 root 0 SW< [md]
952 root 0 SW< [raid5wq]
968 root 0 SW< [kafs_vlupdated]
969 root 0 SW< [kafs_callbackd]
970 root 0 SW< [kafsd]
974 root 0 SW< [cifsiod]
983 root 0 SW< [rpciod]
1055 root 0 SW< [nfsiod]
1090 root 0 SW< [cryptodev_queue]
1109 root 0 SW< [cfg80211]
1114 root 0 SW< [ath10k_wq]
1115 root 0 SW< [ath10k_aux_wq]
1460 root 1892 S /sbin/rpcd
1494 root 0 SW [kworker/0:2]
1524 root 6376 S {sfpswitch.py} /usr/bin/python /usr/sbin/sfpswitch.py --nodaemon
1545 root 1552 S /sbin/netifd
1695 root 1124 S /usr/sbin/odhcpd
1762 nobody 780 S /usr/sbin/atd -f
1855 root 2808 S /usr/sbin/sshd -f /var/etc/ssh/sshd_config
1875 root 4320 S {syslog-ng} supervising syslog-ng
1877 root 4504 S /usr/sbin/syslog-ng
2031 root 1092 S udhcpc -p /var/run/udhcpc-eth1.8.pid -s /lib/netifd/dhcp.script -f -t 0 -i eth1.8 -C -O 212
2032 root 736 S odhcp6c -s /lib/netifd/dhcpv6.script -P0 -t120 eth1
2690 root 1068 S /usr/sbin/pppd nodetach ipparam wan_vlan7 ifname pppoe-wan_vlan7 +ipv6 set AUTOIPV6=1 nodefaultroute
2752 root 736 S odhcp6c -s /lib/netifd/dhcpv6.script -P0 -t120 pppoe-wan_vlan7
2948 root 4692 S /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf
2949 root 17220 S python /usr/bin/foris -s flup
2954 root 924 S /sbin/mountd -f
2993 root 748 S /usr/sbin/cron -n
3021 root 1744 S /usr/sbin/smartd -q never
4023 root 0 SW< [kworker/u5:1]
5663 nobody 896 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf -k -x /var/run/dnsmasq/dnsmasq.pid
10872 root 2868 S sshd: root@pts/1
10875 root 1100 S -ash
17693 root 0 SW [kworker/u4:2]
19074 root 704 S nethist
19150 root 8228 S /usr/bin/nuci
19988 root 1092 R ps

Any Ideas?! Help is very much appreciated

thanks a lot
alexandra

white · January 6, 2017, 5:38pm

You don’t seem to have knot resolver running (kresd). Check also /etc/resolv.conf and “netstat -alp | grep :domain”.

jhuebner · January 6, 2017, 8:14pm

As @white pointed out: check if a DNS resolver ist listening

netstat -ulpn

Cowgirl · January 6, 2017, 8:18pm

hmmmm

root@turris:/tmp/log# netstat -ulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 0.0.0.0:67 0.0.0.0:* 7580/dnsmasq
udp 0 0 0.0.0.0:7001 0.0.0.0:* -
udp 0 0 :::546 :::* 2752/odhcp6c
udp 0 0 :::546 :::* 2032/odhcp6c
udp 0 0 :::547 :::* 1695/odhcpd
root@turris:/tmp/log#

Cowgirl · January 6, 2017, 8:21pm

2017-01-06T20:19:27+01:00 err kresd[3375]: [system] error /usr/lib/kdns_modules/kres.lua:24: support libknot not found
2017-01-06T20:19:27+01:00 err kresd[3375]: [system] worker failed: No such file or directory

jhuebner · January 6, 2017, 8:24pm

Looks like you tried going to master or stable and back or forth or anything like that?! Had the same problem and was only able to go back by temporarily letting dnsmasq listen on port 53 (can be achieved via luci) to run the updater.sh again. Maybe you need to restart dnsmasq via console after setting “Network, DHCP and DNS, advanced settings, DNS server port” to “53”. Do not forget to set it back to “0” later to allow kresd to start again.

Cowgirl · January 6, 2017, 9:18pm

Your right. Thanks that worked for my now i´m back on master and DNS is working but lighthttpd is crashing
after each reboot. Looks like in the nightly i have played with lighthttpd is fixed but DNS is broken. Hopefully there will be a new
build with dns and lighthttpd working soon.

Cowgirl · January 31, 2017, 11:23am

I have tested now for several weeks. DNS is working but sometimes slow. I got error messages in my Ebay App on my Iphone that it could not resolve hostnames. Images are not loading sometime etc.
When i start the DNS Test i got the following output

Test type Status
IPv4 connectivity OK
IPv4 gateway connectivity Error
IPv6 connectivity OK
IPv6 gateway connectivity OK
DNS OK
DNSSEC Error

root@turris:/tmp/log# nslookup www.heise.de
nslookup: can’t resolve ‘(null)’: Name does not resolve

Name: www.heise.de
Address 1: 2a02:2e0:3fe:1001:7777:772e:2:85 www.heise.de
Address 2: 193.99.144.85 www.heise.de

Provider is Deutsche Telekom AG. Its Dual/Stack IPV4/IPV6

vcunat · January 31, 2017, 12:46pm

Do you use forwarding in your Omnia DNS setup? (If so, the queries and answers basically just pass through Omnia as they are.)

Cowgirl · January 31, 2017, 12:47pm

Configuration: Checkbox:

Use forwarding checked
Disable DNSSEC unchecked

vcunat · January 31, 2017, 12:55pm

Then whether domains resolve depends on the DNS server(s) you forward to.

My local testing shows no problems when kresd is resolving heise.de. You can either disable forwarding (i.e. make your Omnia query individual authoritative nameservers) or forward to some more reliable recursive servers.

Cowgirl · January 31, 2017, 1:00pm

When i disable forwarding console output is still:

root@turris:/tmp/log# nslookup www.8devices.com
nslookup: can’t resolve ‘(null)’: Name does not resolve

Name: www.8devices.com
Address 1: 50.87.150.19 50-87-150-19.unifiedlayer.com
root@turris:/tmp/log#

Cowgirl · February 1, 2017, 8:34am

After Update 3.5.2 it looks a little bit better

Test type Status
IPv4 connectivity OK
IPv4 gateway connectivity Error
IPv6 connectivity OK
IPv6 gateway connectivity OK
DNS OK
DNSSEC OK

But ping still gives:

root@turris:~# nslookup www.heise.de
nslookup: can’t resolve ‘(null)’: Name does not resolve

Name: www.heise.de
Address 1: 2a02:2e0:3fe:1001:7777:772e:2:85 www.heise.de
Address 2: 193.99.144.85 www.heise.de

Performance will be monitored…

vcunat · February 1, 2017, 10:06am

That nslookup output is actually OK. The first part should be printing info about the DNS server, which doesn’t work on Omnia for some reason (unknown to me), but it’s the second part that’s important. Example on my desktop:

$ nslookup heise.de
Server:         ::1
Address:        ::1#53

Non-authoritative answer:
Name:   heise.de
Address: 193.99.144.80

vcunat · February 1, 2017, 10:09am

My guess is that’s it’s some small bug in busybox (the embedded provider of nslookup). On Omnia:

# nslookup heise.de ::1
Server:    ::1
Address 1: ::1

Name:      heise.de
Address 1: 2a02:2e0:3fe:1001:302:: redirector.heise.de
Address 2: 193.99.144.80 redirector.heise.de