NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

mropers's avatar
mropers
Aspirant
Apr 04, 2011

FVS336Gv2 dropping DNS packets >512 bytes

Hello, I have a new FVS336Gv2 and am having trouble getting DNS to resolve in a timely fashion through the router. Here is my setup: Mac OS Snow Leopard Server running LAN side DHCP and DNS. All...
lemieux's avatar
lemieux
Novice
Feb 14, 2012
mropers wrote:

Here are the DNS server logs from a recent DNS lookup:

27-Apr-2011 19:10:05.563 createfetch: www.nytimes.com A
27-Apr-2011 19:10:10.563 createfetch: www.nytimes.com A
27-Apr-2011 19:10:10.699 host unreachable resolving 'www.nytimes.com/A/IN': 2001:503:231d::2:30#53
27-Apr-2011 19:10:15.563 createfetch: www.nytimes.com A
27-Apr-2011 19:10:21.668 host unreachable resolving 'www.nytimes.com/A/IN': 2001:503:a83e::2:30#53
27-Apr-2011 19:10:24.520 success resolving 'www.nytimes.com/A' (in 'com'?) after disabling EDNS



And corresponding FVS336Gv2 logs for same request:

2011 Apr 27 19:10:25 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.55.83.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:24 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.52.178.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:23 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.31.80.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:22 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.26.92.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:21 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.43.172.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:20 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.42.93.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:19 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.54.112.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:19 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.41.162.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:18 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.48.79.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:17 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.12.94.30 PROTO=UDP SPT=53 DPT=53
2011 Apr 27 19:10:16 [FVS336GV2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=172.16.53.10 DST=192.35.51.30 PROTO=UDP SPT=53 DPT=53



Any other suggestions?


I'm seeing a similar problem.

I added DNS:TCP and DNS:UDP to AllowAll for outbound traffic.

I've tried to turn off EDNS in bind9 using "edns no;".

I've tried limited EDNS packet size to 512 bytes using "edns-udp-size 512;".

Nothing seems to fix this problem. Any suggestions?

Guy

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More