Bad DNS Query errors on router from Wireless subnet
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2018 11:52 AM - edited 07-05-2021 09:36 AM
Running a Meraki wireless network with a secure SSID for staff. The Meraki AP has an IP address on the secure subnet which is permitted on the WAN. For DNS we have the primary set to an internal DNS server and secoWireless and Mobility, Other Wireless and Mobilityndary set as 8.8.8.8, to satisfy both the Secure SSID and guest SSID name resolution queries. In the router logs, I am seeing sets of these every day:
007515: Dec 19 10:07:15.439 EST: %DNSSERVER-3-BADQUERY: Bad DNS query from 10.203.2.2
007516: Dec 19 10:07:15.439 EST: %DNSSERVER-3-BADQUERY: Bad DNS query from 10.203.2.2
007517: Dec 19 10:07:15.571 EST: %DNSSERVER-3-BADQUERY: Bad DNS query from 10.203.2.2
007518: Dec 19 10:07:15.571 EST: %DNSSERVER-3-BADQUERY: Bad DNS query from 10.203.2.2
007519: Dec 19 10:07:15.627 EST: %DNSSERVER-3-BADQUERY: Bad DNS query from 10.203.2.2
007520: Dec 19 10:07:15.631 EST: %DNSSERVER-3-BADQUERY: Bad DNS query from 10.203.2.2
007521: Dec 19 10:07:16.615 EST: %DNSSERVER-3-BADQUERY: Bad DNS query from 10.203.2.2
007522: Dec 19 10:07:16.615 EST: %DNSSERVER-3-BADQUERY: Bad DNS query from 10.203.2.2
That is the IP address of my AP. What could be causing these errors? All is working as it should for staff and guest access. Thanks!
- Labels:
-
Other Wireless Topics
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2018 01:02 PM
This device looks like acting as DNS Server. if this is not DNS Server then turn off.
turn it of with the "no ip dns server" configuration command.
or you have ACL inbound ACL
deny tcp any any eq 53
deny udp any any eq 53
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-20-2018 05:58 AM
The device that is throwing the error does act as a DNS server for other subnets and also is the DNS config for the secure wireless subnet's DHCP scope. I tried removing the DNS entry from that DHCP scope and leaving the DNS entries on the Meraki Dashboard, but then I was not able to browse anywhere from that subnet.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-20-2018 06:44 AM
*** Please rate helpful posts ***
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-21-2018 11:44 AM
Thanks Scott. I ran a packet capture, and it appears the DNS queries are being responded to by what is set on the Meraki dashboard and also by the gateway for the wireless subnet. I got a flurry of the errors for about a minute around 12:15 today. Are these errors even anything to worry about if everything is working? I'm thinking overhead on the router or something like that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-21-2018 11:48 AM
*** Please rate helpful posts ***
