Youtube won't work on Wireless Network but works on Wired Network

chmod_net · ‎02-24-2021

Hi everyone,

We are a public school and we have had this problem for a long time now.

Following is the topology:

ISP -> Firewall(ip:192.168.2.252) -> Core Layer3 Switch(ip:192.168.2.251)

Core Layer 3 Switch is connected to WLC(ip:192.168.2.8) and 2951 Router(ip:192.168.2.253, serving DCHP server)

We are using Google's DNS(8.8.8.8 and 8.8.4.4) in our network and couple months ago we tried to change the DNS servers to GoGuardian's(Filtering and Monitoring) DNS servers, but that day we have seen couple issues(like YouTube not working) so we had to revert back everything.

We can go to YouTube on wired network but not on wireless. We can ping google.com fine on wireless but not YouTube.com.

But can do nslookup for YouTube.com so DNS works fine.

BTW Ping to google.com and YouTube.com on wired network shows "Redirect Network". But remember Youtube.com works on wired. This "Redirect Network" does not happen on pinging on wireless network.

#nslookup on wired network

>nslookup youtube.com

Server: 8.8.8.8

Address: 8.8.8.8#53

Non-authoritative answer:

Name: youtube.com

Address: 172.217.10.78

>ping youtube.com
PING youtube.com (172.217.10.78): 56 data bytes
64 bytes from 172.217.10.78: icmp_seq=0 ttl=115 time=18.267 ms
36 bytes from 192.168.2.251: Redirect Network(New addr: 192.168.2.252)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 c6f7 0 0000 40 01 394a 192.168.2.152 172.217.10.78

64 bytes from 172.217.10.78: icmp_seq=1 ttl=115 time=18.607 ms
64 bytes from 172.217.10.78: icmp_seq=2 ttl=115 time=18.594 ms
64 bytes from 172.217.10.78: icmp_seq=3 ttl=115 time=18.532 ms
64 bytes from 172.217.10.78: icmp_seq=4 ttl=115 time=18.181 ms
64 bytes from 172.217.10.78: icmp_seq=5 ttl=115 time=18.726 ms
64 bytes from 172.217.10.78: icmp_seq=6 ttl=115 time=18.606 ms
64 bytes from 172.217.10.78: icmp_seq=7 ttl=115 time=18.201 ms
64 bytes from 172.217.10.78: icmp_seq=8 ttl=115 time=18.387 ms
64 bytes from 172.217.10.78: icmp_seq=9 ttl=115 time=18.608 ms
64 bytes from 172.217.10.78: icmp_seq=10 ttl=115 time=18.639 ms
64 bytes from 172.217.10.78: icmp_seq=11 ttl=115 time=18.536 ms
64 bytes from 172.217.10.78: icmp_seq=12 ttl=115 time=18.399 ms
36 bytes from 192.168.2.251: Redirect Network(New addr: 192.168.2.252)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 ba68 0 0000 40 01 45d9 192.168.2.152 172.217.10.78

64 bytes from 172.217.10.78: icmp_seq=13 ttl=115 time=18.445 ms

#nslookup on wireless network

shen$ nslookup youtube.com

Server: 8.8.8.8

Address: 8.8.8.8#53

Non-authoritative answer:

Name: youtube.com

Address: 208.70.74.21

Ping YouTube on wireless network
$ ping youtube.com
PING youtube.com (208.70.74.21): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5

OMG: Just did,

whois 172.217.10.78 and got

OrgAbuseHandle: ABUSE5250-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-253-0000
OrgAbuseEmail: network-abuse@google.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5250-ARIN

but did whois 208.70.74.21

OrgAbuseHandle: ABUSE898-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-661-554-0287
OrgAbuseEmail: abuse@multacom.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE898-ARIN

This ip is not even show org is Google. Seriously lost here. Would WLC cache stuff and somehow affect us?

Some of current DHCP configs on our 2951 Router:

!
ip dhcp pool WIRED
network 192.168.2.0 255.255.255.0
default-router 192.168.2.251
dns-server 8.8.8.8 8.8.4.4

!

!
ip dhcp pool WIFI
network 172.16.0.0 255.255.240.0
default-router 172.16.14.251
dns-server 8.8.8.8 8.8.4.4

lease 7
!

Wireshark shows TCP traffic to 208.70.74.21

172.16.0.14 208.70.74.21 TCP 78 [TCP Retransmission] 53468 → 443 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=110210111 TSecr=0 SACK_PERM=1

TCP Analysis Flag: This frame is a(suspected) retransmission

EDIT: Feb 25 2021 -> Still trying to troubleshoot this issue, but It is not an issue for all wireless clients. Pretty sure now DNS is working funky for some clients on wireless network.

Leo Laohoo · ‎02-24-2021

AVC

Georg Pauwen · ‎02-24-2021

Hello,

--> We are using Google's DNS(8.8.8.8 and 8.8.4.4) in our network and couple months ago we tried to change the DNS servers to GoGuardian's(Filtering and Monitoring) DNS servers, but that day we have seen couple issues(like YouTube not working) so we had to revert back everything.

Does the problem exist, for wireless clients, with Google's DNS servers, or with GoGuardian, or both ? Are the wireless clients Windows clients, and what software (non-standard) are they running ? Is that different software than the wired machines ? And what are you using as wireless access point ?

chmod_net · ‎02-25-2021

Please see the edit in OP

paul driver · ‎02-25-2021

Hello

Are you performing NAT for the WIFI network if so does this have a policy for a different dns?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

chmod_net · ‎02-25-2021

NAT is done on Firewall for both wireless network and wired network.

paul driver · ‎02-25-2021

Hello

Have you checked your NAT and FW policys regards this alternative public DNS- What FW do you have?
Do you have any internal DNS Servers?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul