ip DNS server timeouts but sometimes it's working & always works from the router itself.

Discussion in 'Cisco' started by Steven V.A., Aug 10, 2008.

  1. Steven V.A.

    Steven V.A. Guest

    Hi Group,

    I have come across something I can't solve.

    When using my Cisco as dns forwarder, DNS is just plain slow from my
    PC, even when using openDNS in the Cisco (model 857)

    Code:

    C:\Documents and Settings\Steven>nslookup www.tweakers.net 192.168.1.1
    Server: cisco-steventje
    Address: 192.168.1.1

    DNS request timed out.
    timeout was 2 seconds.
    Non-authoritative answer:
    Name: www.tweakers.net
    Address: 213.239.154.35


    .... 2 seconds delay on almost every query. :(

    I searched a bit further:

    Increasing the delay to even 40 seconds...don't even get an answer;

    C:\Documents and Settings\Steven>nslookup -time=40 www.tweakers.net
    192.168.1.1
    Server: cisco-steventje
    Address: 192.168.1.1

    DNS request timed out.
    timeout was 40 seconds.
    DNS request timed out.
    timeout was 40 seconds.
    *** Request to cisco-steventje timed-out

    on my cisco "enabled ip domain debug"

    This gives:

    It looks almost as if the cisco doesn't get its response and keeps trying,
    and at the end ignores all the incoming queries.


    <191>569: 000564: Aug 10 21:14:34.442 GMT+2: DNS: Incoming UDP query
    (id#1)
    <191>570: 000565: Aug 10 21:14:34.442 GMT+2: DNS: Type 12 DNS query
    (id#1) for host '1.1.168.192.in-addr.arpa' from 192.168.1.2(2148)
    <190>571: 000566: Aug 10 21:14:34.442 GMT+2: %DNS-6-LOG_ACCESS: DNS
    View default used for client 192.168.1.2/2148, querying PTR
    '1.1.168.192.in-addr.arpa'
    <191>572: 000567: Aug 10 21:14:34.442 GMT+2: DNS: Servicing request
    using view default
    <191>573: 000568: Aug 10 21:14:34.442 GMT+2: DNS: Finished processing
    query (id#1) in 0.000 secs
    <191>574: 000569: Aug 10 21:14:34.442 GMT+2: DNS: Sending response to
    192.168.1.2/2148, len 71
    <191>575: 000570: Aug 10 21:14:34.450 GMT+2: DNS: Incoming UDP query
    (id#2)
    <191>576: 000571: Aug 10 21:14:34.450 GMT+2: DNS: Type 1 DNS query
    (id#2) for host 'www.tweakers.net' from 192.168.1.2(2149)
    <190>577: 000572: Aug 10 21:14:34.450 GMT+2: %DNS-6-LOG_ACCESS: DNS
    View default used for client 192.168.1.2/2149, querying A
    'www.tweakers.net'
    <191>578: 000573: Aug 10 21:14:34.450 GMT+2: DNS: Servicing request
    using view default
    <191>579: 000574: Aug 10 21:14:34.450 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 208.67.220.220
    <191>580: 000575: Aug 10 21:14:38.078 GMT+2: DNS: Resending query id
    #2
    <191>581: 000576: Aug 10 21:14:38.078 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 208.67.220.220
    <191>582: 000577: Aug 10 21:14:41.078 GMT+2: DNS: Resending query id
    #2
    <191>583: 000578: Aug 10 21:14:41.078 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 208.67.220.220
    <191>584: 000579: Aug 10 21:14:44.078 GMT+2: DNS: Resending query id
    #2
    <191>585: 000580: Aug 10 21:14:44.078 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 208.67.220.222
    <191>586: 000581: Aug 10 21:14:47.078 GMT+2: DNS: Resending query id
    #2
    <191>587: 000582: Aug 10 21:14:47.078 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 208.67.220.222
    <191>588: 000583: Aug 10 21:14:50.078 GMT+2: DNS: Resending query id
    #2
    <191>589: 000584: Aug 10 21:14:50.078 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 208.67.220.222
    <191>590: 000585: Aug 10 21:14:53.078 GMT+2: DNS: Resending query id
    #2
    <191>591: 000586: Aug 10 21:14:53.078 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 83.143.245.36
    <191>592: 000587: Aug 10 21:14:56.078 GMT+2: DNS: Resending query id
    #2
    <191>593: 000588: Aug 10 21:14:56.078 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 83.143.245.36
    <191>594: 000589: Aug 10 21:14:59.078 GMT+2: DNS: Resending query id
    #2
    <191>595: 000590: Aug 10 21:14:59.078 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 83.143.245.36
    <191>596: 000591: Aug 10 21:15:02.078 GMT+2: DNS: Resending query id
    #2
    <191>597: 000592: Aug 10 21:15:02.078 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 83.143.245.37
    <191>598: 000593: Aug 10 21:15:05.094 GMT+2: DNS: Resending query id
    #2
    <191>599: 000594: Aug 10 21:15:05.094 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 83.143.245.37
    <191>600: 000595: Aug 10 21:15:08.094 GMT+2: DNS: Resending query id
    #2
    <191>601: 000596: Aug 10 21:15:08.094 GMT+2: DNS: Re-sending DNS query
    (type 1, id#59263) to 83.143.245.37
    <191>602: 000597: Aug 10 21:15:11.094 GMT+2: DNS: Removed waiting
    query id #2
    <191>603: 000598: Aug 10 21:15:14.466 GMT+2: DNS: Incoming UDP query
    (id#3)
    <191>604: 000599: Aug 10 21:15:14.466 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>605: 000600: Aug 10 21:15:14.466 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>606: 000601: Aug 10 21:15:14.466 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>607: 000602: Aug 10 21:15:14.470 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>608: 000603: Aug 10 21:15:14.470 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>609: 000604: Aug 10 21:15:14.470 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>610: 000605: Aug 10 21:15:14.470 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>611: 000606: Aug 10 21:15:14.470 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>612: 000607: Aug 10 21:15:14.470 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>613: 000608: Aug 10 21:15:14.470 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>614: 000609: Aug 10 21:15:14.470 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>615: 000610: Aug 10 21:15:14.470 GMT+2: DNS: Incoming UDP query
    (id#59263)
    <191>616: 000611: Aug 10 21:15:14.470 GMT+2: DNS: Type 1 DNS query
    (id#3) for host 'www.tweakers.net' from 192.168.1.2(2150)
    <190>617: 000612: Aug 10 21:15:14.470 GMT+2: %DNS-6-LOG_ACCESS: DNS
    View default used for client 192.168.1.2/2150, querying A
    'www.tweakers.net'
    <191>618: 000613: Aug 10 21:15:14.474 GMT+2: DNS: Servicing request
    using view default
    <191>619: 000614: Aug 10 21:15:14.474 GMT+2: DNS: Re-sending DNS query
    (type 1, id#7734) to 208.67.220.220
    <191>620: 000615: Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 208.67.220.220(53)
    <191>621: 000616: Aug 10 21:15:14.474 GMT+2: DNS: Dropping reply from
    208.67.220.220(53) - doesn't match a query
    <191>622: 000617: Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 208.67.220.220(53)
    <191>623: 000618: Aug 10 21:15:14.474 GMT+2: DNS: Dropping reply from
    208.67.220.220(53) - doesn't match a query
    <191>624: 000619: Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 208.67.220.220(53)
    <191>625: 000620: Aug 10 21:15:14.474 GMT+2: DNS: Dropping reply from
    208.67.220.220(53) - doesn't match a query
    <191>626: 000621: Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 208.67.220.222(53)
    <191>627: 000622: Aug 10 21:15:14.474 GMT+2: DNS: Dropping reply from
    208.67.220.222(53) - doesn't match a query
    <191>628: 000623: Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 208.67.220.222(53)
    <191>629: 000624: Aug 10 21:15:14.474 GMT+2: DNS: Dropping reply from
    208.67.220.222(53) - doesn't match a query
    <191>630: 000625: Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 208.67.220.222(53)
    <191>631: 000626: Aug 10 21:15:14.474 GMT+2: DNS: Dropping reply from
    208.67.220.222(53) - doesn't match a query
    <191>632: 000627: Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 83.143.245.36(53)
    <191>633: 000628: Aug 10 21:15:14.474 GMT+2: DNS: Dropping reply from
    83.143.245.36(53) - doesn't match a query
    <191>634: 000629: Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 83.143.245.36(53)
    <191>635: 000630: Aug 10 21:15:14.478 GMT+2: DNS: Dropping reply from
    83.143.245.36(53) - doesn't match a query
    <191>636: 000631: Aug 10 21:15:14.478 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 83.143.245.36(53)
    <191>637: 000632: Aug 10 21:15:14.478 GMT+2: DNS: Dropping reply from
    83.143.245.36(53) - doesn't match a query
    <191>638: 000633: Aug 10 21:15:14.478 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 83.143.245.37(53)
    <191>639: 000634: Aug 10 21:15:14.478 GMT+2: DNS: Dropping reply from
    83.143.245.37(53) - doesn't match a query
    <191>640: 000635: Aug 10 21:15:14.478 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 83.143.245.37(53)
    <191>641: 000636: Aug 10 21:15:14.478 GMT+2: DNS: Dropping reply from
    83.143.245.37(53) - doesn't match a query
    <191>642: 000637: Aug 10 21:15:14.478 GMT+2: DNS: Type 1 response
    (id#59263) for host <www.tweakers.net> from 83.143.245.37(53)
    <191>643: 000638: Aug 10 21:15:14.478 GMT+2: DNS: Dropping reply from
    83.143.245.37(53) - doesn't match a query


    When doing a ping on the router it works just fine (instantly!)
    Code:

    Steventje#ping tweakers.net
    Translating "tweakers.net"...domain server (208.67.220.220) [OK]

    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 213.239.154.35, timeout is 2
    seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20
    ms
    Steventje#


    Bypassing the cisco's dns forwarder, gives instant dns lookups from my
    PC, so I guess it's not Windows...
    code:

    C:\Documents and Settings\Steven>nslookup www.tweakers.net
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    Name: www.tweakers.net
    Address: 213.239.154.35


    Can you help me?
    Couldn't find anyone else with the same problem.
    Will post cisco config if needed - rather standard dns config (but my
    post is already very long)
    Thanks in advance everyone!!

    Steven.
     
    Steven V.A., Aug 10, 2008
    #1

  2. Steven V.A.

    Steven V.A. Guest

    On Sun, 10 Aug 2008 19:22:35 GMT, (Steven V.A.) wrote:


    One more thing I noticed:

    Increasing the timeout on the Windows box just increases the lookup
    time, as if it follows nicely :(

    Specified 10s timeout >>>>>>> C:\>nslookup -time=10 tweakers.net
    192.168.1.1
    Server: cisco-steventje
    Address: 192.168.1.1

    DNS request timed out.

    See what I mean >>>>>>>>>>>>>>>>>> timeout was 10 seconds.
    Non-authoritative answer:
    Name: tweakers.net
    Address: 213.239.154.35


    Debug log is the same as 1st post (just a bit shorter)

    Greetings,
    Steven
     
    Steven V.A., Aug 10, 2008
    #2

  3. Steven V.A.

    Steven V.A. Guest

    I have added one DNS server from OpenDNS, and it still times out :(

    Aug 14 10:31:11 192.168.1.1 123: 000118: Aug 14 10:31:11.493 GMT+2:
    DNS: Incoming UDP query (id#3)
    Aug 14 10:31:11 192.168.1.1 124: 000119: Aug 14 10:31:11.497 GMT+2:
    DNS: Type 1 DNS query (id#3) for host 'www.google.be' from
    192.168.1.2(1758)
    Aug 14 10:31:11 192.168.1.1 125: 000120: Aug 14 10:31:11.497 GMT+2:
    %DNS-6-LOG_ACCESS: DNS View default used for client 192.168.1.2/1758,
    querying A 'www.google.be'
    Aug 14 10:31:12 192.168.1.1 126: 000121: Aug 14 10:31:11.497 GMT+2:
    DNS: Servicing request using view default
    Aug 14 10:31:12 192.168.1.1 127: 000122: Aug 14 10:31:11.497 GMT+2:
    DNS: Re-sending DNS query (type 1, id#21226) to 208.67.220.220
    Aug 14 10:31:18 192.168.1.1 128: 000123: Aug 14 10:31:17.429 GMT+2:
    DNS: Resending query id #3
    Aug 14 10:31:18 192.168.1.1 129: 000124: Aug 14 10:31:17.429 GMT+2:
    DNS: Re-sending DNS query (type 1, id#21226) to 208.67.220.220
    Aug 14 10:31:21 192.168.1.1 130: 000125: Aug 14 10:31:20.429 GMT+2:
    DNS: Resending query id #3
    Aug 14 10:31:21 192.168.1.1 131: 000126: Aug 14 10:31:20.429 GMT+2:
    DNS: Re-sending DNS query (type 1, id#21226) to 208.67.220.220
    Aug 14 10:31:24 192.168.1.1 132: 000127: Aug 14 10:31:23.429 GMT+2:
    DNS: Removed waiting query id #3

    IP host, redirecting hosts, some caching, blocking, ....
    http://www.nil.si/ipcorner/RouterDNS/

    Greetings,
    Steven
     
    Steven V.A., Aug 14, 2008
    #3
  4. Steven V.A.

    Steven V.A. Guest

    I need to mention that DNS lookups from the router itself work fine.

    Below is the output from my PC:
    1st sample is with OpenDNS DNS's servers directly configured on my PC
    (and thus bypassing the router)
    2nd sample is using the Cisco. Notice that 2 second time out :(

    C:\Documents and Settings\Steven>nslookup www.tweakers.net
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    Name: www.tweakers.net
    Address: 213.239.154.35


    C:\Documents and Settings\Steven>nslookup www.tweakers.net 192.168.1.1
    Server: cisco-steventje
    Address: 192.168.1.1

    DNS request timed out.
    timeout was 2 seconds.
    Non-authoritative answer:
    Name: www.tweakers.net
    Address: 213.239.154.35

    On the router everything works perfectly:

    Steventje#clear host *
    Steventje#ping www.tweakers.net
    Translating "www.tweakers.net"...domain server (83.143.245.36) [OK]

    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 213.239.154.35, timeout is 2
    seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20
    ms
    Steventje#


    This is driving me nuts :(

    Greetings,
    Steven
     
    Steven V.A., Aug 17, 2008
    #4
  5. Merv

    Merv Guest



    take a look at the output of debug ip packet detail to make sure router
    is sourcing the DNS query with its outside interface address (versus
    the inside addresses ) if it does not use the outside Internet
    reachable address, the DNS response will not reach your router

    what IOS version is loaded on your router - post output of show
    version
     
    Merv, Aug 17, 2008
    #5
  6. Merv

    Merv Guest

    also please post your router config - sanitized to remove passwords
    and outside ip addresses
     
    Merv, Aug 17, 2008
    #6
  7. Just looking at the original debugs it seems that from the router DNS
    server perspective the replies arrive too late, e.g.

    <191>575: 000570: Aug 10 21:14:34.450 GMT+2: DNS: Incoming UDP query (id#2)
    <191>576: 000571: Aug 10 21:14:34.450 GMT+2: DNS: Type 1 DNS query (id#2) for host 'www.tweakers.net' from 192.168.1.2(2149)
    <190>577: 000572: Aug 10 21:14:34.450 GMT+2: %DNS-6-LOG_ACCESS: DNS View default used for client 192.168.1.2/2149, querying A 'www.tweakers.net'
    <191>578: 000573: Aug 10 21:14:34.450 GMT+2: DNS: Servicing request using view default
    <191>579: 000574: Aug 10 21:14:34.450 GMT+2: DNS: Re-sending DNS query (type 1, id#59263) to 208.67.220.220

    ....

    <191>602: 000597: Aug 10 21:15:11.094 GMT+2: DNS: Removed waiting query id #2

    <191>604: 000599: Aug 10 21:15:14.466 GMT+2: DNS: Incoming UDP query (id#59263)

    ....

    <191>620: 000615: Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response (id#59263) for host <www.tweakers.net> from 208.67.220.220(53)
    <191>621: 000616: Aug 10 21:15:14.474 GMT+2: DNS: Dropping reply from 208.67.220.220(53) - doesn't match a query

    Perhaps the responses actually arrive in plenty of time but the DNS
    server is tardy in getting around to look at them. Combining this debug
    with debug ip packet detail <access-list matching DNS> might tell.
     
    Martin Gallagher, Aug 18, 2008
    #7
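
    An added example, not part of any poster's message: a small Python script that correlates the forwarder's upstream query IDs with the replies in an IOS DNS debug log and labels each reply as matched, late (it arrived after "Removed waiting query") or unsolicited (an ID the router never sent to that server). The function name, the one-event-per-line input and the rule that a forwarded ID belongs to the most recent client query line are assumptions of this example.

```python
import re
from datetime import datetime

# Constructed sample: condensed from the debug lines quoted in this thread, one
# event per line; the final line (id#4242) is invented to show an unsolicited reply.
SAMPLE = """\
Aug 10 21:14:34.450 GMT+2: DNS: Type 1 DNS query (id#2) for host 'www.tweakers.net' from 192.168.1.2(2149)
Aug 10 21:14:34.450 GMT+2: DNS: Re-sending DNS query (type 1, id#59263) to 208.67.220.220
Aug 10 21:14:38.078 GMT+2: DNS: Resending query id #2
Aug 10 21:14:38.078 GMT+2: DNS: Re-sending DNS query (type 1, id#59263) to 208.67.220.220
Aug 10 21:15:11.094 GMT+2: DNS: Removed waiting query id #2
Aug 10 21:15:14.474 GMT+2: DNS: Type 1 response (id#59263) for host <www.tweakers.net> from 208.67.220.220(53)
Aug 10 21:15:14.474 GMT+2: DNS: Dropping reply from 208.67.220.220(53) - doesn't match a query
Aug 10 21:15:14.480 GMT+2: DNS: Type 1 response (id#4242) for host <www.tweakers.net> from 208.67.220.220(53)
"""

TS = re.compile(r"(\w{3} +\d+ \d\d:\d\d:\d\d\.\d+) \S+: DNS: (.*)")
CLIENT = re.compile(r"(?:Type \d+ DNS query \(id#|Resending query id #)(\d+)")
FORWARD = re.compile(r"Re-sending DNS query \(type \d+, id#(\d+)\) to (\S+)")
REMOVED = re.compile(r"Removed waiting query id #(\d+)")
REPLY = re.compile(r"Type \d+ response \(id#(\d+)\) .* from ([\d.]+)\(53\)")

def classify_replies(log, year=2008):
    pending = {}   # upstream id -> {"client": client query id, "servers": servers asked}
    expired = {}   # upstream id -> (time the waiting query was removed, servers asked)
    client, out = None, []
    for line in log.splitlines():
        m = TS.search(line)
        if not m:
            continue
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S.%f")
        msg = m.group(2)
        if c := CLIENT.match(msg):
            client = c.group(1)          # assumption: forwards that follow belong to it
        elif f := FORWARD.match(msg):
            e = pending.setdefault(f.group(1), {"client": client, "servers": set()})
            e["servers"].add(f.group(2))
        elif r := REMOVED.match(msg):
            for uid in [u for u, e in pending.items() if e["client"] == r.group(1)]:
                expired[uid] = (when, pending.pop(uid)["servers"])
        elif p := REPLY.match(msg):
            uid, src = p.groups()
            if uid in pending and src in pending[uid]["servers"]:
                verdict, late = "matched", None
            elif uid in expired and src in expired[uid][1]:
                verdict, late = "late", round((when - expired[uid][0]).total_seconds(), 3)
            else:
                verdict, late = "unsolicited", None
            out.append({"id": uid, "src": src, "verdict": verdict, "late_by": late})
    return out
```

    The debug output quoted in the posts is wrapped across lines; join each event back onto one line before passing it in.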
  8. Steven V.A.

    Steven V.A. Guest

    I will try it.
    Thanks!

    Greetings,
    Steven
     
    Steven V.A., Aug 25, 2008
    #8