DNS server settings causing regular intermittent internet outages

as147 · ‎08-03-2016

I have been running with OpenDNS for over a year now and nothing on my local network has changed that I am aware of. Over the last few weeks the internet connection has been VERY patchy. One moment fine, the next NOT. Sometimes I have one browser session working (e.g. streaming video) whilst a new browser session can't connect to anything. The Web interface to the router sometimes reports the internet is down even whilst I am streaming data! I can be on standard sites and sometimes the images don't fully load (little crosses are displayed in place of images). This usually happens after the link is unavailable and it hasn't fully recovered. Sometimes I get complete outages and no browser sessions work. Then a few minutes it all comes back but only lasts a few minutes. It's very disruptive.

I found by changing my router primary and secondary DNS settings to my ISP's settings everything works reliably. However that means I have to turn on parental (OpenDNS) controls. The OpenDNS primary and secondary DNS settings are 208.67.222.222 & 208.67.220.220. I am based in Australia and using Optus cable internet.

I would really appreciate some help as I want to keep the level of protection for my kids that OpenDNS provides but at the moment it is causing terrible connectivity issues.

mattwilson9090 · ‎08-04-2016

More than likely this is an issue with your ISP, or one of their upstream connections to OpenDNS. As a first step in troubleshooting please respond to the following

What happens when you go to the following website? What message do you receive? http://welcome.opendns.com/

If you are trying to block adult websites, what happens when you go to this website? http://www.exampleadultsite.com/

Please copy and paste the complete output of the following commands. If you choose to provide a screenshot rather than pasting the text do not provide a link to a third party website since it's very possible that the security conscious people reading this forum have that domain blocked. Instead use the "Attach file" link at the bottom of this page. Note, the periods at the end of each command are part of the command, do not omit them or the results won't be usable for diagnostic purposes.

nslookup -type=txt debug.opendns.com.

nslookup www.exampleadultsite.com.

ipconfig/all

as147 · ‎08-05-2016

A bit more information for you. I put back the OpenDNS primary and secondary DNS server settings on my router but switched off parental controls. Access to was much better (almost perfect). It's possible that if there were problems with my ISP they may have been resolved but it's probably too soon to tell.

My settings OpenDNS settings are
Live Parental controls: Enabled
Filtering level: Low (Protects against pornography and phishing attacks)

On the Netgear site the parental controls show

Default settings
12:00am to 5:00am Minimal
All other times (default) Low
Add a block time 12:00am - 12:00am Low

User settings are set as above
Bypass account: User

I have now run the tests you requested (results below). I ran them at 11pm and am NOT logged into a bypass account

going to http://welcome.opendns.com/ - worked

going to http://www.exampleadultsite.com/ displayed the page rather than block it.

The nslookup -type output produced:

1.1.168.192.in-addr.arpa
        primary name server = localhost
        responsible mail addr = nobody.invalid
        serial = 1
        refresh = 600 (10 mins)
        retry   = 1200 (20 mins)
        expire = 604800 (7 days)
        default TTL = 10800 (3 hours)
Server: UnKnown
Address: 192.168.1.1

debug.opendns.com text =

"server 3.syd"
debug.opendns.com text =

"device 00007ABF1212FAD5"
debug.opendns.com text =

"flags 422 0 8010 1840000000000000000"
debug.opendns.com text =

"originid 27456154"
debug.opendns.com text =

"actype 1"
debug.opendns.com text =

"bundle 27456154"
debug.opendns.com text =

"source 122.107.216.203:44104"

The nslookup www.exampleadultsite.com output produced:

1.1.168.192.in-addr.arpa
        primary name server = localhost
        responsible mail addr = nobody.invalid
        serial = 1
        refresh = 600 (10 mins)
        retry   = 1200 (20 mins)
        expire = 604800 (7 days)
        default TTL = 10800 (3 hours)
Server: UnKnown
Address: 192.168.1.1

Name: www.exampleadultsite.com
Address: 67.215.92.210

Ipconfig/all produced:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : WMC2
   Primary Dns Suffix . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Intel(R) 82566DC-2 Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-22-19-25-AA-E2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ed02:7986:2365:223b%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, 3 August 2016 1:35:06 AM
   Lease Expires . . . . . . . . . . : Saturday, 6 August 2016 6:00:35 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 201335321
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-FF-D0-81-00-22-19-25-AA-E2
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{CCE7E4B5-6BE2-4509-94F5-1438B58C1A2A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:1c51:2d43:8594:2734(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1c51:2d43:8594:2734%4(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 285212672
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-FF-D0-81-00-22-19-25-AA-E2
   NetBIOS over Tcpip. . . . . . . . : Disabled

as147 · ‎08-05-2016

Sorry, my first paragraph above was meant to say this (see highlighted text):

"I put back the OpenDNS primary and secondary DNS server settings on my router but switched off parental controls. Access for the last week was much better (almost perfect). For these tests I switched parental controls on and for the last hour its been fine. It's possible that if there were problems with my ISP they may have been resolved but it's probably too soon to tell.

rotblitz · ‎08-05-2016

It looks like you try to use both in parallel, OpenDNS Home and Netgear LPC. You cannot do this due to their incompatibility. Decide for the one or other.

mattwilson9090 · ‎08-05-2016

And then when you decide you need to completely remove all settings for the one you aren't using, both on your own network, as well as in the dashboard.

as147 · ‎08-06-2016

What do you mean using both OpenDNS and Netgear LPC? Isn't LPC just a front end/branding for OpenDNS?

When you go into Netgear parental controls on the router via the web interface it takes you to http://netgear.opendns.com/ Live Parental Controls (LPC) is just the name Netgear gives OpenDNS support isn't it?

See attached bitmap. When you go to support on the above website you get to https://opendns.zendesk.com/forums/21313122-Netgear-Live-Parental-Controls

If these are two different applications what are the two programs that support them?

Untitled.jpg

mattwilson9090 · ‎08-06-2016

No, LPC is not a front end or branding for OpenDNS. It is a completely separate solution that uses OpenDNS technology to provide the DNS related portions of it's functionality. It is incompatible with all other OpenDNS products, including OpenDNS Home (the free product) and Umbrella.

Bottom line, if you want to use LPC you have to delete anything that is configured at https://dashboard.opendns.com/ as well as removing OpenDNS DNS addresses that you have manually configured on the router. Unless you do both of those things you will effectively be using two incompatible products and will receive inconsistent results.

as147 · ‎08-06-2016

All my settings are performed from the Netgear router web interface or the Netgear Genie local application. So it is likely that other than an openDNS account (which I think is used by LPC) I have incorrectly stated the facts and am not actually using OpenDNS. I haven't set any DNS addresses manually other than those given to me by the ISP when I started to try and troubleshoot this issue. Prior to this the primary and secondary DNS IP addresses appear on my router when I switch on LPC (or as I incorrectly stated OpenDNS). Only when I switch off parental controls am I able to change the primary and secondary addresses on the router to my ISP's DNS settings.

Can you advise me how I go about using OpenDNS instead of LPC (as I know how to use and switch off LPC) but have no idea how to configure my network for OpenDNS. When I look at OpenDNS dashboard it states I have an account but no networks and I see references to OpenDNS Updater. Thanks for your help.

I just checked the openDNS dashboard and there doesn't seem to be anything setup.

mattwilson9090 · ‎08-06-2016

After disabling LPC, Go to this link https://www.opendns.com/home-internet-security/ and click on the SIGN UP button for OpenDNS Home. It will walk you through the steps you need to follow. In a nutshell you'll be adding the OpenDNS addresses to the router, configuring a way to register (and update) your public IP address with your OpenDNS account, and then configuring your OpenDNS settings on your dashboard.

Assuming OpenDNS Home works for you and you decide to stay with it instead of LPC you'll need to delete all of the settings you have at netgear.opendns.com

rotblitz · ‎08-07-2016

The problem seems to be that your IP address 122.107.216.203 is registered with OpenDNS network ID 27456154. So the settings of this dashboard network may take precedence over your LPC settings and ignoring the latter.

Your IP address information may be registered by another OpenDNS user, so you want to open a support ticket to get this removed.

as147 · ‎08-07-2016

Hi rotblitz, how is this happening if I am not actually using OpenDNS but using Netgear LPC? I have logged a ticket as suggested

as147 · ‎08-09-2016

Folks, a big question is on LPC I had the ability to have time based or user based exclusions to the filtering rules. These don't appear to be available in Home Internet. Is there a free solution or is that part of the paid service?

Mattwilson9090, you can understand why I think LPC and OpenDNS are the same product

LPC and OpenDNS use the same account so no need to setup another one. I chose the Home Internet Security as you recommended and it wouldn't let me create a new account but I could log on with the currently defined account being used by LPC.
The primary and secondary DNS settings are identical to the OpenDNS home settings 208.67.222.222 & 208.67.220.220

I have disabled LPC - not deleted any settings on netgear.opendns.com yet

I registered my public IP addresses with my OpenDNS account? I assume I keep it up to date with OpenDNS-Updater-2.2.1.exe (downloaded not yet run)?

mattwilson9090 · ‎08-09-2016

LPC is the only OpenDNS related product that has any sort of time based filtering. User or machine based filtering is possible with the different flavors of Umbrella when you install the agent on an individual device. So far as I know all the paid products allow the use of a bypass account or code, you wouldn't have automatic machine or user based settings, but you also wouldn't need to install or use the agent.

Yes, you either need the Updater, or some other updating method, such as a router that supports updates directly to OpenDNS or via DNS-O-Matic to keep your IP address updated.

as147 · ‎08-09-2016

Thanks for the quick response Matt. So back to the a point which I think is now proven to be correct. I don't think I was using both products at the same time!

LPC and OpenDNS they use the same account (you setup an account via LPC but it creates it on OpenDNS)
LPC uses the same DNS addresses that OpenDNS Home Security uses
I didn't have any networks setup in OpenDNS

Do you agree?

If so then this is the issue!

Do you think Rotblitz might be correct when he states the below....
"The problem seems to be that your IP address 122.107.216.203 is registered with OpenDNS network ID 27456154. So the settings of this dashboard network may take precedence over your LPC settings and ignoring the latter. Your IP address information may be registered by another OpenDNS user, so you want to open a support ticket to get this removed"