D6200 stops forwarding DNS queries

---

@CyberMarina365 wrote:

Sometimes (randomly) it stops forwarding DNS queries.

---

What error messages do you see?

What do you have it set to use for DNS normally? The Domain Name Server (DNS) Address?

If it is "Get Automatically from ISP" maybe the problem is at its end.

Any security software or stuff like that running at your end?

---

I know it isn't covered by support anymore ....

 

---

That's what this place is for.

Hello @michaelkenward,

thank you for your answer.

There is no error; simply any connected device (PC, smartphone, tablet, etc) is not able to resolve DNS queries.

NETGEAR D6200:

1. DNS is set to use Google (8.8.8.8 and 8.8.4.4), not "Get Automatically from ISP".

2. DHCP server is enabled: connected devices use the NETGEAR as default gateway and DNS (by design)

When the issue occurs:

DNS queries are not resolved on connected clients (nslookup command); Wireshark shows requests from client to NETGEAR, but no answers. DNS queries made from NETGEAR, directly (Diagnostics section), are resolved correctly. If I change the DNS server on clients from automatic to static (using Google), they start to resolve DNS queries again.

The reboot of NETGEAR resolve the issue until it occurs again.

Regards.  

another questions. Do you have IPv6 enabled?

There's a ipv6 dns server as well

The D6200 is working as a DSL modem/router and not alongside something else?

Hello @plemans,

no IPv6 enabled on NETGEAR. The only DNS server is itself (who forwards request to Google DNS servers).

Regards.

Hello @michaelkenward,

NETGEAR is set as Router (Modem + Router). It's behind ISP router, set in transparent mode: a LAN port of the ISP router is connected to WAN port of the NETGEAR with a public, static IP address assigned (and the gateway, of course, is the ISP router - same network).

Do you think is something related to ISP router that, at certain time it doesn't accept UDP packets (port 53) from NETGEAR ? It could be useful to put a Man-in-the-middle between the ISP router and NETGEAR just to understand if these packets come out of NETGEAR...what about ? I have no resources for this test (just a Raspberry)... 

Regards.

---

@CyberMarina365 wrote:

 

NETGEAR is set as Router (Modem + Router). It's behind ISP router, set in transparent mode: a LAN port of the ISP router is connected to WAN port of the NETGEAR with a public, static IP address assigned (and the gateway, of course, is the ISP router - same network).

 

I do not understand. The D6200 is a DSL modem/router. It is designed to provide an Internet connection to a DSL Internet service.

The D6200 can work as a modem/router, modem only or router only. Then there is wireless access point (AP) mode.

Where does this "ISP router" come into the picture?

It is not needed and is likely to get in the way.

You say that the D6200 is "behind ISP router". What does "behind" mean here? Seen from which direction?

It is between the "ISP router" and the outside world? Or it is between the outside world and the  "ISP router" 

>>>> Internet >>> "ISP router"  >>> D6200 >>> Your network

>>>> Internet >>> D6200 >>> "ISP router" >>> Your network

Whatever the case, it is ;likely to cause problems.

Where is it? What is this ISP router.

Hello @michaelkenward,

here in attach the network schema.

• The Tiesse (TIM) is the router provided and managed by ISP (I have no control over it).
• Port 1 of ISP router has a public, static IP address. The WAN interface of NETGEAR have a static, public IP address and gateway is the ISP router.

Just for your information:

• Ports 2 and 3 of ISP router are connected to VoIP telephones (are isolated from the office network).
• Port 4 of ISP router is unused

"Whatever the case, it is ;likely to cause problems." - So what could be the reason why, when the problem occurs, DNS queries are resolved if I change the DNS server on PCs pointing to Google DNS instead of NETGEAR ?

Regards,

Luca

---

@CyberMarina365 wrote:

Hello @michaelkenward,

here in attach the network schema.

 

• The Tiesse (TIM) is the router provided and managed by ISP (I have no control over it).
• Port 1 of ISP router has a public, static IP address. The WAN interface of NETGEAR have a static, public IP address and gateway is the ISP router.

In other words, the D6200 is not working as a modem. It is in router mode.

The next question is about the mode of the TIM box. If that also works as a router then you have two routers that may be competing to control the traffic on your network.

Two routers on your network can cause headaches. For example, you can end up with local address problems. Among other things, the other router can misdirect addresses that the Netgear router usually handles, such as routerlogin.net or the usual IP address for a router, 192.168.1.1.

This explains some of the other drawbacks.

What is Double NAT? | Answer | NETGEAR Support

I have  no idea what this anonymous TSM box can do, so I can't suggest how you can troubleshoot the DNS issues beyond suggesting this:

How to fix issues with Double NAT | Answer | NETGEAR Support

Hello @michaelkenward,

I have the ISP router in the middle (between Internet and NETGEAR), but I suppose the ISP router is in bridge mode and a "double NAT" is not occurring here: as written, the WAN interface of NETGEAR has a public, static IP address defined on it. So NAT occurs one time only (by NETGEAR).

The attached screenshot shows the Routing Table from NETGEAR (the "B" is the public, static IP address of ISP router).

When the problem occurs, here the situation:

C:\>nslookup
Default Server:  [192.168.1.1]
Address:  192.168.1.1

> www.google.com
Server:  [192.168.1.1]
Address:  192.168.1.1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to [192.168.1.1] timed-out

> server 8.8.8.8

Default Server:  dns.google
Address:  8.8.8.8

> www.google.com
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    www.google.com
Addresses:  2a00:1450:4002:404::2004
          142.250.184.36

Bye the above you can deduce that Internet traffic/routing is working fine. It is just the NETGEAR is not able to resolve (forward) DNS queries outside.

Regards.