Unable to access gmail from 15.05 based platform

Hi,

We are facing an issue with Gmail, it is not resolving if we keep the devices for more then 12Hr. Remaining all sites were working good.

Please help me, how can I resolve the issue?

log:

May 1 09:02:37 dnsmasq[2887]: cached mail.google.com is <CNAME>
May 1 09:02:37 dnsmasq[2887]: cached googlemail.l.google.com is NODATA-IPv4
May 1 09:02:37 dnsmasq[2887]: query[A] mail.google.com from 192.168.221.235
May 1 09:02:37 dnsmasq[2887]: cached mail.google.com is <CNAME>
May 1 09:02:37 dnsmasq[2887]: cached googlemail.l.google.com is NODATA-IPv4
May 1 09:02:37 dnsmasq[2887]: query[A] google.com from 192.168.221.235

Please, post your network and dhcp configuration files here.

Pleas update to 18.xx or 17.xx 15.xx is old now and verry out of date!

3 Likes

Please find my configuration files,

  1. Network
config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'auto'

config interface 'lan'
	option ifname 'eth1'
	option force_link '1'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.221.1'
	option netmask '255.255.255.0'
	option gateway '192.168.221.1'
	option ip6assign '60'
	option dns '8.8.8.8 8.8.4.4 4.2.2.2'
	option multicast_querier '0'
	option igmp_snooping '1'
	option ieee1905managed '1'

config interface 'wan'
	option ifname 'eth0'
	option proto 'dhcp'

config interface 'wan6'
	option ifname 'eth0'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '0t 1 2 3 4'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0t 5'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '1'
	option mode 'dscp'
	option status 'enable'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '2'
	option mode 'dscp'
	option status 'enable'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '3'
	option mode 'dscp'
	option status 'enable'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '4'
	option mode 'dscp'
	option status 'enable'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '5'
	option mode 'dscp'
	option status 'enable'
  1. DHCP configuration
config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option localservice '1'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'

Maybe you shouldn't be using this as your DNS server

2 Likes

I would add a "option peerdns '0'" line on the WAN interface, then check the logs to be sure you are using the proper DNSs.

2 Likes

Hi eduperez,

Thank you for your replay. I have a couple of questions,

  1. is the option peerdns '0' need to add in dhcp config file? what this option will do?

  2. How can I ensure that DNS functionality is proper?

  3. am I have to place 8.8.8.8 and 8.8.4.4 into /etc/resolv.conf?

If you want Google to really know nearly everything about your household internet communication and make the best commercial use of this personal information then go ahead.

I would instead follow the advice of @tapper and upgrade OpenWrt to 18.xx and start with a new DNS configuration from scratch.

2 Likes

Thanks, @odrt, and @tapper for your suggestions. But currently, we can't baseline new SDK.

already we are using DNS servers in network configuration file.

Then the problem is bigger because you're missing a lot of security patches since September 2015.

Why not just use the default DNS servers of your ISP? Or build your own self resolving dns cache service if you don't trust them or you see yourself unable to use them.

  1. No, it goes into the network configuration file, and prevents OpenWrt from using the DNSs provided by your ISP to the DHP server.

  2. Enable logging on the DHCP configuration file, and see on the logs which upstream server is being used.

  3. No, that is not necessary.

1 Like

Major DNS providers usually have more clear content filtering policy and DNSSEC validation policy.
And in some cases they also have better fault tolerance and shorter response time.

Why are the DNS servers added to LAN and not WAN?

Hi @eduperez,

I found below log,

May  2 21:36:09 dnsmasq-dhcp[30890]: DHCP, IP range 192.168.221.100 -- 192.168.221.249, lease time 12h
May  2 21:36:09 dnsmasq[30890]: using local addresses only for domain lan
May  2 21:36:09 dnsmasq[30890]: reading /tmp/resolv.conf.auto
May  2 21:36:09 dnsmasq[30890]: using local addresses only for domain lan
May  2 21:36:09 dnsmasq[30890]: using nameserver 8.8.8.8#53
May  2 21:36:09 dnsmasq[30890]: using nameserver 8.8.4.4#53
May  2 21:36:09 dnsmasq[30890]: using nameserver 4.2.2.2#53
May  2 21:36:09 dnsmasq[30890]: read /etc/hosts - 2 addresses
May  2 21:36:09 dnsmasq[30890]: read /tmp/hosts/dhcp - 1 addresses
May  2 21:36:09 dnsmasq-dhcp[30890]: read /etc/ethers - 0 addresses
May  2 21:36:21 dnsmasq[30890]: query[A] forum.openwrt.org from 192.168.221.210
May  2 21:36:21 dnsmasq[30890]: forwarded forum.openwrt.org to 8.8.8.8
May  2 21:36:21 dnsmasq[30890]: forwarded forum.openwrt.org to 8.8.4.4
May  2 21:36:21 dnsmasq[30890]: forwarded forum.openwrt.org to 4.2.2.2
May  2 21:36:21 dnsmasq[30890]: query[AAAA] forum.openwrt.org from 192.168.221.210
May  2 21:36:21 dnsmasq[30890]: forwarded forum.openwrt.org to 8.8.8.8
May  2 21:36:21 dnsmasq[30890]: forwarded forum.openwrt.org to 8.8.4.4
May  2 21:36:21 dnsmasq[30890]: forwarded forum.openwrt.org to 4.2.2.2
May  2 21:36:21 dnsmasq[30890]: reply forum.openwrt.org is 139.59.210.197
May  2 21:36:21 dnsmasq[30890]: reply forum.openwrt.org is 2a03:b0c0:3:d0::168b:9001
May  2 21:36:21 dnsmasq[30890]: query[A] forum.openwrt.org from 192.168.221.210
May  2 21:36:21 dnsmasq[30890]: cached forum.openwrt.org is 139.59.210.197
May  2 21:36:21 dnsmasq[30890]: query[AAAA] forum.openwrt.org from 192.168.221.210
May  2 21:36:21 dnsmasq[30890]: cached forum.openwrt.org is 2a03:b0c0:3:d0::168b:9001
May  2 21:36:25 dnsmasq[30890]: query[A] forum.openwrt.org from 192.168.221.210
May  2 21:36:25 dnsmasq[30890]: cached forum.openwrt.org is 139.59.210.197
May  2 21:36:25 dnsmasq[30890]: query[AAAA] forum.openwrt.org from 192.168.221.210
May  2 21:36:25 dnsmasq[30890]: cached forum.openwrt.org is 2a03:b0c0:3:d0::168b:9001

am I have to enable DNS for WAN also?

uci -q delete network.lan.gateway
uci commit network
service network restart

Actually, there's no difference unless you utilize DNSv6.

1 Like

I'm suggesting:

  • Remove DNS on LAN
  • Add on WAN

Screenshot%20from%202019-05-02%2012-16-47

  • Hit 'Save & Apply'
1 Like

Will I get any issue due to gateway option?

You're likely having an issue now because you have a LAN gateway listed. A gateway cannot be itself anyways.

1 Like

After adding DNS to WAN I found the log as below,

May  2 22:02:43 dnsmasq[13816]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC loop-detect inotify
May  2 22:02:43 dnsmasq[13816]: DNS service limited to local subnets
May  2 22:02:43 dnsmasq-dhcp[13816]: DHCP, IP range 192.168.221.100 -- 192.168.221.249, lease time 12h
May  2 22:02:43 dnsmasq[13816]: using local addresses only for domain lan
May  2 22:02:43 dnsmasq[13816]: reading /tmp/resolv.conf.auto
May  2 22:02:43 dnsmasq[13816]: using local addresses only for domain lan
May  2 22:02:43 dnsmasq[13816]: using nameserver 8.8.8.8#53
May  2 22:02:43 dnsmasq[13816]: using nameserver 8.8.4.4#53
May  2 22:02:43 dnsmasq[13816]: read /etc/hosts - 2 addresses
May  2 22:02:43 dnsmasq[13816]: read /tmp/hosts/dhcp - 1 addresses
May  2 22:02:43 dnsmasq-dhcp[13816]: read /etc/ethers - 0 addresses
May  2 22:02:44 dnsmasq[13816]: query[A] play.google.com from 192.168.221.210
May  2 22:02:44 dnsmasq[13816]: forwarded play.google.com to 8.8.8.8
May  2 22:02:44 dnsmasq[13816]: forwarded play.google.com to 8.8.4.4
May  2 22:02:44 dnsmasq[13816]: query[AAAA] play.google.com from 192.168.221.210
May  2 22:02:44 dnsmasq[13816]: forwarded play.google.com to 8.8.8.8
May  2 22:02:44 dnsmasq[13816]: forwarded play.google.com to 8.8.4.4
May  2 22:02:44 dnsmasq[13816]: reply play.google.com is 172.217.161.14
May  2 22:02:44 dnsmasq[13816]: reply play.google.com is 2404:6800:4007:800::200e
May  2 22:02:45 dnsmasq[13816]: query[A] forum.openwrt.org from 192.168.221.210
May  2 22:02:45 dnsmasq[13816]: forwarded forum.openwrt.org to 8.8.4.4
May  2 22:02:45 dnsmasq[13816]: query[AAAA] forum.openwrt.org from 192.168.221.210
May  2 22:02:45 dnsmasq[13816]: forwarded forum.openwrt.org to 8.8.4.4
May  2 22:02:45 dnsmasq[13816]: reply forum.openwrt.org is 139.59.210.197
May  2 22:02:45 dnsmasq[13816]: reply forum.openwrt.org is 2a03:b0c0:3:d0::168b:9001