Joined: 16 Mar 2019 Posts: 353 Location: Szczecin, Poland EU
Posted: Tue Oct 12, 2021 10:40 Post subject: WNR3500L v2 Dnsmasq problem
I'm user of Netgear WNR3500L v2. It stay on the newest DD-WRT build from 10/10/21. I have dnsmasq server on router. Option WAN DNS Ignore is active. I'm use one server 8.8.8.8 for resolving. Since 2 - 3 last builds I see problem with dnsmasq. During open websites my web browser inform me about DNS problem (DNS_Probe_Started, DNS_Bad_Config). I'm start to check this problem and after login to router GUI I see 100% cpu usage. Probably that's problem with Dnsmasq packet. I'm kill dnsmasq via ssh and restart it. Sometimes device start working good, but sometimes 100% usage is still and I must totally reboot router via ssh. I try reboot with black button on case and unplug power and then restart device. Periodically that problem is exist. Rather I won't to restore factory default, I think it's problem with this one packet. I know the Dnsmasq was recently updated. Could you check the Dnsmasq correctly work. ? It may be some memory leaks. I have connected 2 devices - 1 computer with gigabit rj-45, Voip gateway on 100 mbit (cord), WIFI actually is unused, but turn on. On WAN is rj-45 gigabit technology with 300 mbit speed from ISP. ISP modem is restored and problem with Netgear is still.
Joined: 08 May 2018 Posts: 14217 Location: Texas, USA
Posted: Tue Oct 12, 2021 12:56 Post subject:
Please post screenshots of your configuration and your additional dnsmasq configuration information. This topic has been well discussed and is more likely to be user error in configuration. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Joined: 16 Mar 2019 Posts: 353 Location: Szczecin, Poland EU
Posted: Tue Oct 12, 2021 15:46 Post subject:
I have enabled:
Dnsmasq service and use Dnsmasq as DNS, Ignore WAN DNS
- Cache DNSSEC data
- Validate DNS Replies (DNSSEC)
- Check unsigned DNS replies
- No DNS Rebind
- Query DNS in Strict Order
Options Add Requestor MAC to DNS Query and RFC4039 Rapid Commit support and DNS Encryption are disabled. In setup site DHCP server for LAN is totally disabled and all DNS fields have 0.0.0.0 IPs. DNS on workstations is configured to DD-WRT device IP and finally I use Google Public DNS service with only one server 8.8.8.8 Until Dnsmasq packet wasn't update that problem isn't appear. CPU have OC to 500 MHz, because it works better for fast internet (300 mbit+ plan from ISP). Device have applied radiators with termal past on mainboard. Temperature is 40 - 50 Celsiuss depend of system load. In normal enviroment I have max system load ~40 % when I'm strong use internet connection.
Joined: 08 May 2018 Posts: 14217 Location: Texas, USA
Posted: Tue Oct 12, 2021 16:38 Post subject:
Using only one DNS resolver is not going to give you 100% reliability. You should at least add server=8.8.4.4 to your additional dnsmasq configs, among other things. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Joined: 16 Mar 2019 Posts: 353 Location: Szczecin, Poland EU
Posted: Wed Oct 13, 2021 13:51 Post subject:
Today the same problem is again. Suddenly DNS based on Dnsmasq stop working, errors in web browser. Login to GUI and I see 100% cpu usage. After restart dnsmasq service via ssh, usage drop to 5 - 8 %. DNS working again. That problem is burdensome and I'm restart ISP modem for test. That not solve this problem, in my opinion it's problem with Dnsmasq after update it in DD-WRT project. Could somebody to check DD-WRT code. It's rather not DDOS, because I don't see any suspicious events in connections list.
Joined: 08 May 2018 Posts: 14217 Location: Texas, USA
Posted: Wed Oct 13, 2021 15:29 Post subject:
If you're going to rely on only one DNS server, you are going to shoot yourself in the foot. This is a configuration issue. You should have at least two DNS servers, if not six.
Joined: 16 Nov 2015 Posts: 6436 Location: UK, London, just across the river..
Posted: Sun Oct 17, 2021 8:07 Post subject:
wright...i can report similar issues ...and i also consolidate it with some other forum members, although im still observing/gathering more data...i can report similar issues...im using stub resolver (stubby) via Entware...and it stalls on random occasions...on my R7800 mainly...
I do have a multiple revolvers, round robin 1, there is nothing in stubby debug, nor in the DDWRT syslog that could point me out to anything..., solves the problem...I was restarting stubby, but desided to see if DNSmasq restart helps too...so i guess as it helps its more linked to it...
It happens very likely after second day of use..and no clients connected to the router for a bit of a time...
It started to be more obvious after DSNmasq update...
I wont deny that, there was a GetDNS and Stubby update recently too, so it could be down to those...that's why i'm still investigating...
I'm using primary quad9 and nextdns...as well some other with filtering..all DNS's i use have filtering capabilities...
I do not have a heavy DNS use to overrun the DNS default concurrent requests of 100...but just to test it...i tried to increase it up to 200
I also used to use SmartDNS via jffs script and it happened as well... DNS stalls on random occasions...and this was the reason i left it and moved to good old Stubby and its the same...I also see some similar reports regarding SmarDNS recently on the forum too...
Joined: 08 May 2018 Posts: 14217 Location: Texas, USA
Posted: Sun Oct 17, 2021 10:53 Post subject:
I'm using essentially the same config as the OP with a few variations and more than one dns server and haven't noticed any issues. Same config for quite some time. Don't know, but it's not DD-WRT as far as I am concerned. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Actually, I stumbled upon that problem with recent DD-WRT builds. After I reverted back to a "known working" (for me 47097) it all went away.
I'm using 3 DNS servers (one relayed from my WAN, two - Google public DNS 8.8.8.8 and 8.8.4.4). Surprisingly this seems to happen only when using Windows, and never happened through Android usage.
Sometimes a DNS query fails immediately, and if I press "refresh" in my browser with the said error it is immediately successful. It never happens using nslookup, but may happen when using consecutive "ping" calls.
Joined: 12 Dec 2007 Posts: 778 Location: Pittsburgh, PA USA
Posted: Sun Oct 17, 2021 17:18 Post subject:
I am seeing the same behavior on both a Linksys EA6700 and a (non-Broadcom) WRT1900AC. My configuration is as identical as possible on both routers, which includes Stubby in a manner very similar to Alozaros. From advice in another thread, I took the IPV6 server addresses out of stubby.yml and just left the IPV4 addresses (I use Cloudflare 1.1.1.1). It has only been a couple of days, but I haven't seen the same intermittent failures to resolve DNS names.
My ISP does not have native IPV6, so I'm using Hurricane Tunnelbroker for IPV6. Hopefully this will help someone else. _________________ __________________________
Netgear R7800
DD-WRT v3.0 STD
Linksys WRT1900AC
DD-WRT v3.0 STD
Joined: 12 Dec 2007 Posts: 778 Location: Pittsburgh, PA USA
Posted: Sun Oct 17, 2021 23:03 Post subject:
kernel-panic69 wrote:
That doesn't look like your browser's settings...
Misunderstood the question. I turned off Secure DNS in Chrome, Edge, and Firefox. _________________ __________________________
Netgear R7800
DD-WRT v3.0 STD
Linksys WRT1900AC
DD-WRT v3.0 STD