Southpaw32
Feb 19, 2021, Guide
Orbi doesn't fall over to 2nd or 3rd DNS
I have a couple of Raspberry Pi's running PiHole for my DNS. The setup works great, but the other day the first PiHole machine got unplugged, and my devices weren't able to reach the network, despite...
- Mar 05, 2021
So I think I figured things out.
One of my RPis is set up as my DHCP server, and when I looked at the DNSMasq .conf file it was only passing on the IP address of the DNS servers for that RPi, not the addresses for the RPi PiHole servers.
I edited the .conf file, and replaced 8.8.8.8, etc. with the local pihole IPs, and for the first time ever I have all three of my RPis showing blocked traffic!
CrimpOn
Feb 19, 2021, Guru - Experienced User
Southpaw32 wrote: I have a couple of Raspberry Pi's running PiHole for my DNS. The setup works great, but the other day the first PiHole machine got unplugged, and my devices weren't able to reach the network, despite having a second and third DNS.
Why didn't the Orbi rollover to the other DNS?
I was going to suggest filing a Bug Report (https://bugcrowd.com/netgear ), but that seems to be aimed at vulnerabilities rather than products simply not working correctly. Certainly posting in the Idea Exchange would be a positive step (although I have serious doubts that anyone at Netgear ever reads these posts). https://community.netgear.com/t5/Idea-Exchange-For-Home/idb-p/idea-exchange-for-home
I have a dim memory from the (very old) DOS Days that IBM PC's would take multiple DNS entries, but after they got a response from one, they would never try any of the others again. The only recourse was the Big Red Switch (turn it off). In Windows 10, it appears that queries are sent to every DNS server and the first response is acted on. (Seems highly wasteful to me, except that most LAN devices have only one DNS server entry <the router>.)
With multiple Pi-holes, it is obvious from the Console that only one of them is being queried? (not "round robin")
Southpaw32
Feb 19, 2021, Guide
Yes, I can see live stats on the query numbers, and for sure it doesn't move on to the next DNS.
I've had this happen on a few occasions now. (I was testing some overclocking for a while)
- CrimpOn, Feb 19, 2021, Guru - Experienced User
Makes a person wonder if the Orbi DNS code came from (a) the OpenWRT that Orbi is based on, or (b) was ported from the Nighthawk line. Would be a hoot to see if the Nighthawk line has the same 'disappointment'. Will take me the weekend to set up a second Pihole and dig out a Nighthawk to compare with Orbi.
- Southpaw32, Feb 19, 2021, Guide
Anything I can do to help test?
- CrimpOn, Feb 20, 2021, Guru - Experienced User
Have two Pi-holes running now. Am hoping that "pihole disable 10m" means to turn off everything, rather than "quit blocking and resolve everything." Validating your results on Orbi will be quick. Have to dig in my "Big Box of Stuff" to find my Nighthawk R7000 and Archer (might as well test it, too.)
- CrimpOn, Feb 20, 2021, Guru - Experienced User
Well, this is not working out as I anticipated. I have two Raspberry Pi's running Pi-hole.
My "test" Orbi is connected to my regular Orbi and configured as a router.
It is set to use the two Pi's as DNS servers. (192.168.1.27 and 192.168.1.30).
I have a Windows PC connected to the test Orbi (ethernet). When I open a web browser, what seems to happen is that all DNS requests are sent by the Orbi to both Pi-holes. What appears to be happening is that the Orbi behaves as Windows 10 seems to behave. If DNS requests cannot be satisfied from the Pi-hole cache, they are sent to all DNS resolvers.
I will perform another test tomorrow where DNS server #1 is taken off-line to see if DNS requests still go to DNS server #2.
Not sure what to make of all this. So far, it is not confirming your experience.
More tomorrow.....
- CrimpOn, Feb 20, 2021, Guru - Experienced User
There is another way to verify Orbi DNS behavior: capture WAN traffic.
If Orbi has two defined DNS servers (perhaps Google and Open DNS), a WAN traffic capture should show whether Orbi queries one or both of them. Will try that tomorrow as well.
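One way to read such a capture, as an added example that is not part of the thread: the script below tallies outbound DNS queries per resolver from tcpdump-style text and labels the pattern as single-server, sequential, or parallel fan-out. The sample lines, the router address 192.168.1.1, the 0.5 second window and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed tcpdump-style lines, not a real capture. 192.168.1.27 and
# 192.168.1.30 are the Pi-hole addresses from the thread; 192.168.1.1 is an
# assumed router address.
SAMPLE = """\
10:00:01.100000 IP 192.168.1.1.40001 > 192.168.1.27.53: 4660+ A? example.com. (29)
10:00:01.100400 IP 192.168.1.1.40001 > 192.168.1.30.53: 4660+ A? example.com. (29)
10:00:05.200000 IP 192.168.1.1.40002 > 192.168.1.27.53: 4661+ A? netgear.com. (29)
10:00:05.200300 IP 192.168.1.1.40002 > 192.168.1.30.53: 4661+ A? netgear.com. (29)
"""

# Matches outbound queries only (destination port 53); replies do not match.
LINE = re.compile(
    r"^(\d+):(\d+):(\d+\.\d+) IP \S+ > (\d+(?:\.\d+){3})\.53: "
    r"\d+\S* (?:\[\S+\] )?(\w+)\? (\S+)", re.M)

def parse_queries(text):
    """Return (seconds, server, qtype, name) for each DNS query line."""
    return [(int(h) * 3600 + int(m) * 60 + float(s), server, qtype, name)
            for h, m, s, server, qtype, name in LINE.findall(text)]

def classify(text, window=0.5):
    """Heuristic: the same question sent to two or more servers within
    `window` seconds counts as parallel fan-out."""
    per_server = defaultdict(int)
    clusters = {}  # (name, qtype) -> (cluster start time, servers seen)
    fanned_out = False
    for t, server, qtype, name in parse_queries(text):
        per_server[server] += 1
        start, servers = clusters.get((name, qtype), (None, set()))
        if start is None or t - start > window:
            start, servers = t, set()  # a later retry starts a new cluster
        servers.add(server)
        clusters[(name, qtype)] = (start, servers)
        fanned_out |= len(servers) > 1
    if not per_server:
        verdict = "no-queries"
    elif fanned_out:
        verdict = "parallel"
    elif len(per_server) == 1:
        verdict = "single-server"
    else:
        verdict = "sequential"  # round robin or failover after a timeout
    return verdict, dict(per_server)

if __name__ == "__main__":
    print(classify(SAMPLE))
```
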