DNS not working after update

timmmy · February 20, 2021, 1:59pm

Hi all,

After updating some packages, name resolution is not working anymore.
Not on localhost, not remotely (so probably something with DNSmasq?)
However, I cannot find the issue. Config files below. Note: this is not my main router, it attached to an existing network and only connected on the LAN side.
8.8.8.8 is reachable from the router.

/etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        list server '8.8.8.8'
        option localservice '0'
        option rebind_protection '0'

config dhcp 'lan'
        option interface 'lan'
        option ignore '1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

/etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd01:80c1:4bb1::/48'

config interface 'wan'
        option ifname 'eth0.1'
        option proto 'static'

config device 'wan_eth0_1_dev'
        option name 'eth0.1'
        option macaddr '18:31:bf:c0:09:c9'

config interface 'wan6'
        option ifname 'eth0.1'
        option proto 'dhcpv6'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.2'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.8.100'
        list dns '8.8.8.8'
        option gateway '192.168.8.1'

config device 'lan_eth0_2_dev'
        option name 'eth0.2'
        option macaddr '18:31:bf:c0:09:c8'

/etc/resolv.conf

search lan
nameserver 127.0.0.1

Any ideas?
All help is much appreciated

Kind regards,
Timmmy

frollic · February 20, 2021, 2:10pm

For it to work on the device itself, you need to populate resolve.conf. It'd happen automatically if you would have DHCP, but needs to be done manually if you have a static IP.

vgaetera · February 20, 2021, 2:21pm

@timmmy, check this:

netstat -l -n -p | grep -e dnsmasq; pgrep -f -a dnsmasq; \
head -v -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*; \
nslookup example.org; \
nslookup example.org 127.0.0.1; \
nslookup example.org 8.8.8.8

@frollic, it is populated automatically with DNS configured on active interfaces.

timmmy · February 20, 2021, 2:44pm

Hi @frollic, @vgaetera,

Thanks!
Look like dnsmasq is running, but not resolving?

tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2264/dnsmasq
tcp        0      0 192.168.8.100:53        0.0.0.0:*               LISTEN      2264/dnsmasq
tcp        0      0 ::1:53                  :::*                    LISTEN      2264/dnsmasq
tcp        0      0 fe80::1a31:bfff:fec0:9c8:53 :::*                    LISTEN      2264/dnsmasq
tcp        0      0 fd01:80c1:4bb1::1:53    :::*                    LISTEN      2264/dnsmasq
tcp        0      0 fe80::1a31:bfff:fec0:9c8:53 :::*                    LISTEN      2264/dnsmasq
tcp        0      0 fe80::1a31:bfff:fec0:9c9:53 :::*                    LISTEN      2264/dnsmasq
udp        0      0 127.0.0.1:53            0.0.0.0:*                           2264/dnsmasq
udp        0      0 192.168.8.100:53        0.0.0.0:*                           2264/dnsmasq
udp        0      0 0.0.0.0:37455           0.0.0.0:*                           2264/dnsmasq
udp        0      0 0.0.0.0:3179            0.0.0.0:*                           2264/dnsmasq
udp        0      0 0.0.0.0:5233            0.0.0.0:*                           2264/dnsmasq
udp        0      0 0.0.0.0:44416           0.0.0.0:*                           2264/dnsmasq
udp        0      0 0.0.0.0:48853           0.0.0.0:*                           2264/dnsmasq
udp        0      0 0.0.0.0:20740           0.0.0.0:*                           2264/dnsmasq
udp        0      0 0.0.0.0:21005           0.0.0.0:*                           2264/dnsmasq
udp        0      0 0.0.0.0:5651            0.0.0.0:*                           2264/dnsmasq
udp        0      0 ::1:53                  :::*                                2264/dnsmasq
udp        0      0 fe80::1a31:bfff:fec0:9c8:53 :::*                                2264/dnsmasq
udp        0      0 fd01:80c1:4bb1::1:53    :::*                                2264/dnsmasq
udp        0      0 fe80::1a31:bfff:fec0:9c8:53 :::*                                2264/dnsmasq
udp        0      0 fe80::1a31:bfff:fec0:9c9:53 :::*                                2264/dnsmasq
2264 /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1

==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1

==> /tmp/resolv.conf.auto <==
# Interface lan
nameserver 8.8.8.8
head: /tmp/resolv.*/*: No such file or directory
;; connection timed out; no servers could be reached

;; connection timed out; no servers could be reached

;; connection timed out; no servers could be reached

vgaetera · February 20, 2021, 2:48pm

ping -q -w 3 192.168.8.1; ping -q -w 3 8.8.8.8

timmmy · February 20, 2021, 3:11pm

--- 192.168.8.1 ping statistics ---
4 packets transmitted, 3 packets received, 25% packet loss
round-trip min/avg/max = 0.580/0.613/0.640 ms
PING 8.8.8.8 (8.8.8.8): 56 data bytes

--- 8.8.8.8 ping statistics ---
4 packets transmitted, 3 packets received, 25% packet loss
round-trip min/avg/max = 17.920/19.140/20.680 ms

Packet loss is only because of the timeout, in a "normal" ping no packet loss shows up.

vgaetera · February 20, 2021, 3:14pm

DNS traffic appears to be blocked on the main/upstream router.

timmmy · February 20, 2021, 3:37pm

Hi @vgaetera,

Great catch, thanks!
Just ran Steve Gibsons DNS bench and indeed about 50% of public DNS resolvers seem to be blocked. I've always been using 8.8.8.8, so something must have changed at ISP side. I'll give them a ping and ask what's up.

Anyhow, switched to Cloudflare and it works as a charm

You're a hero @vgaetera !
Have a nice day!

system · March 2, 2021, 3:37pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.