I think some Internet connectivity issues my wife and I have been experiencing for a couple of days has to do with problems connecting to our ISPs DNS server, so I manually entered different DNS server address to our computers (I’m using Windows 7 and she is using XP).
However, our DSL modem/router has the addresses for our ISPs DNS servers. I’m assuming that the addresses in the modem will be ignored and the DNS server addresses that will be used will be what’s stored in Windows, right?
DNS is a hierarchy. At the low end is your computer. The high end is the root DNS servers for the entire internet. Your computer starts at the low end and works its way up until it gets an address.
Typically, your router (assuming you are letting it hand out IP addresses instead of configuring them yourself) will give you a DNS address of itself. When your computer makes a DNS request, it goes to the router. The router probably doesn’t have the DNS entry cached, so it goes up the chain. The next link in the chain according to the router is your ISP server, which is currently acting a bit wonky and causing you all kinds of grief.
By entering another DNS server, instead of the request going to your router, it goes to whatever server you specified. Then if that server doesn’t have the name cached, it goes to what it thinks is the next DNS server up the hierarchy chain. Assuming that you have picked a DNS server outside of your ISP, you’ve just bypassed your ISP’s wonky DNS server and you’ll take a different path up the hierarchy.
If you enter the router’s address as your primary DNS server and whatever secondary source you have as the alternate DNS server for your computer, it will automatically try the alternate whenever your router can’t get an address (i.e. whenever your ISP goes wonky again).
ETA:
There’s also a thing called “DNS cache poisoning” where a DNS server can be handing out wrong addresses. This can be just a screwup on the part of whoever owns the DNS server, but often it’s the result of a malicious attack on the DNS server. In this case, you can use the same technique (specifying a different DNS server) to get around the poisoned DNS server. If you have a problem like this then you don’t want to keep the poisoned DNS server on your list because you don’t want the addresses that it is handing out.
Strange. This usually happens at night and I thought I figured the problem out, but apparently not. A couple of nights ago I live chatted with a tech support person who could find nothing wrong on their end…this sucks.
For a minute I was having connectivity issues again. I look at the modem/router log and get the same thing I got before:
(GMT-06:00)21:31:55 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:31:58 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:01 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:03 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:06 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:09 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:12 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:15 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:24 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:26 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:31 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
(GMT-06:00)21:32:33 Sat Nov 14 2009 syslog: failed dns request len=73,srcip=208.67.222.222, url=wpad.domain_not_set.invalid
I thought switching from QWest DNS servers to Free DNS and OpenDNS servers would work, but I’m getting the same problem. This is frustrating.
And it seems to happen at night. Usually around 9:00pm, but it’s only a little after 7:30pm now.
In your browser options, turn off proxy autodetection.
wpad.<local domain> is a catchall dns entry used by Windows - it does a DNS lookup on wpad.<local domain> to create a URL that is used to download the local domain proxy settings. If nothing resolves wpad.<local domain>, it may take up to 15 seconds for the DNS failure to occur, and for IE to stop trying the proxy autoconfiguration.
The other solution is to create a host entry for wpad as 127.0.0.1
I’ll check my wife’s computer since I’m not auto-detecting proxies on mine.
Off topic, but do you know how to set the DNS Suffix Search List? If I manually enter other DNS servers then try using NSLookup it appends domain_not_set.invalid to any name I enter and I can’t resolve it to an address.
I tried Googling this, but no luck. Actually, let me rephrase, none of the public DNS servers give a suffix to use and I don’t know how, if it’s possible, to append no suffix at the end of a name.
You get .domain_not_set.invalid if your machine has no DNS suffix set in the Internet Protocol Network settings. If these are being set manually, you can add them (via the Advanced button, DNS Tab). If they are being set by DHCP, the DHCP server (probably your router) should have a config option to set this. However, a domain suffix should only get added to a name (for resolution purposes) if it does not have a suffix already or if the initial lookup has failed.
I should note that other bit of Windows (relating to http/Internet) can also try to resolve the wpad name - take a look at any other running apps that may try to configure a web proxy.
You can use anything - it should only be used when resolving local names. localnet is an option, or maybe your workgroup name. Not having a suffix is fine, too - Windows just uses domain_not_set.invalid as a default in that situation.
Yes, but unless I’m using my IP DNS server nslookup doesn’t work. For instance, I looked up Google under my IP’s DNS server. Under any other server I get this (using DNSAdvantage for example):
Note that you may not be using the DNS servers you think you are. There are ISPs that actually intercept port 53 UDP (DNS) traffic and send it to their own servers no matter what server it is actually addressed to, and I have heard that there are consumer routers that do the same thing, redirecting all DNS traffic to whatever DNS server the router is configured to use, despite local clients being configured differently. I have no idea what the rationale for the latter functionality would be, but apparently it exists.
QUESTIONS:
www.google.com.domain_not_set.invalid, type = A, class = IN
ANSWERS:
-> www.google.com.domain_not_set.invalid
internet address = 92.242.140.13
ttl = 600 (10 mins)
Yeah, this is a combination of stupid problems at both ends.
First, Windows DNS client always appends the primary DNS suffix before trying the raw name. It should only do this if there are no “.” in the name (IMHO).
Second, DNSAdvantage (and OpenDNS) use wildcard DNS resolution that resolve all unknown DNS names to their own advertising supported search page. This is how they make money. Unfortunately, they appear to not invalidate the results for domain_not_set.invalid (this search string should always return an NXERROR).
Try adding a “.” as your primary DNS suffix - this prevents appending.
I’m glad it is now working, but try a nslookup debug to see what is getting tested first. Those other extensions (com,net,edu,gov) will still always resolve on a wildcard DNS to the DNS search page - possibly not what you want.