Results 1 to 10 of 10
  1. #1
    Master Untangler
    Join Date
    Sep 2011
    Location
    Brisbane AU
    Posts
    118

    Default DNS not functioning after 10 to 11 upgrade

    Greetings Untanglers

    After a long troublefree run with untangle, I've hit a snag and hope the brains trust here can assist.

    My V10 was upgraded to V11:

    Build: 11.0.1~svn20150105r39394release11.0-1wheezy
    Kernel: 3.2.0-4-untangle-686-pae

    However then there was no internet access from the clients. A quick check showed internet access from within Untangle and DNS was resolving on the router using the tools. Nada at the client. Manually adding the DNS settings to the client adapter settings restores service, demonstrating a hole on the inside of the network between the client and untangle DNS server.

    • I have removed the DNS override I had applied to the inside adapter for troubleshooting.
    • Checked to ensure there was nothing else obviously broken anywhere.



    Sadly, nothing was found that might explain the dilemma. Can anyone advise what might be the issue that could have broken a working V10 install subsequent to the update.

    Many thanks in advance.

    Keith

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,202

    Default

    Is the Untangle providing DHCP to the clients? If so, can you post a screen shot of the DHCP settings on the Untangle.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Master Untangler
    Join Date
    Sep 2011
    Location
    Brisbane AU
    Posts
    118

    Default

    ScreenShot1018.jpg

    There are no static DNS entries. There are no custom dnsmasq options. DNS priority is set to very high (QoS).

    This is how it was prior to the upgrade. The only change post upgrade is removing the OpenDNS entry from the advanced options (now blank as shown above). It had been working fine prior, but I removed it for troubleshooting. The workaround is to manually assign the ISP DNS on the client but it would be much better if the DNS was served from the Untangle box.

    Once again, thanks for the assist.

    Keith

  4. #4
    Master Untangler
    Join Date
    Sep 2011
    Location
    Brisbane AU
    Posts
    118

    Default

    Additionally:

    2015-01-11 7:33:47 am - Test Started
    Testing DNS ... OK
    Testing TCP Connectivity ... OK
    Test Successful!
    2015-01-11 7:33:49 am - Test Completed

    2015-01-11 7:34:47 am - Test Started
    google.com has address 216.58.220.110
    google.com has address 216.58.220.96
    google.com has IPv6 address 2404:6800:4006:801::2000
    google.com mail is handled by 10 aspmx.l.google.com.
    google.com mail is handled by 30 alt2.aspmx.l.google.com.
    google.com mail is handled by 20 alt1.aspmx.l.google.com.
    google.com mail is handled by 40 alt3.aspmx.l.google.com.
    google.com mail is handled by 50 alt4.aspmx.l.google.com.
    Test Successful
    2015-01-11 7:34:49 am - Test Completed

    Connection test fails:

    2015-01-11 7:35:30 am - Test Started
    DNS fwd/rev mismatch: google.com != syd10s01-in-f0.1e100.net
    DNS fwd/rev mismatch: google.com != syd10s01-in-f14.1e100.net
    Test Failure
    google.com [216.58.220.96] 9 (discard) : Connection timed out
    2015-01-11 7:35:46 am - Test Completed

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,268

    Default

    And the IP configuration on the workstation? ipconfig /all on Windows, is it correct?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Master Untangler
    Join Date
    Sep 2011
    Location
    Brisbane AU
    Posts
    118

    Default

    It is correct only when the manual DNS entry is applied directly to the PC. If I allow it to automatically acquire DNS there are no DNS entries. It does pick up an IP address automatically.

    From reading similar posts - none of which I have seen identify a root cause or a corrective action, I suspect a component of the install has failed to either install properly or will not start. I am not expert enough to troubleshoot that however.

  7. #7
    Master Untangler
    Join Date
    Sep 2011
    Location
    Brisbane AU
    Posts
    118

    Default

    Here are the outputs:

    Automatic on the client:

    Code:
       IPv4 Address. . . . . . . . . . . : 192.168.1.155(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Sunday,11January2015 6:49:57 AM
       Lease Expires . . . . . . . . . . : Sunday,11January2015 9:04:50 AM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DHCPv6 IAID . . . . . . . . . . . : 247226356
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-16-C6-51-BC-5F-F4-5C-A0-6D
    
       DNS Servers . . . . . . . . . . . : 192.168.1.1
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Static config on the client.

    Code:
       IPv4 Address. . . . . . . . . . . : 192.168.1.155(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Sunday,11January2015 6:49:57 AM
       Lease Expires . . . . . . . . . . : Sunday,11January2015 9:08:54 AM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DHCPv6 IAID . . . . . . . . . . . : 247226356
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-16-C6-51-BC-5F-F4-5C-A0-6D
    
       DNS Servers . . . . . . . . . . . : 61.9.211.1
                                           61.9.211.33
       NetBIOS over Tcpip. . . . . . . . : Enabled

  8. #8
    Master Untangler
    Join Date
    Sep 2011
    Location
    Brisbane AU
    Posts
    118

    Default

    Problem is solved.

    Looking at the top ipconfig capture shows the gateway IP address is returned. This is consistent with WIKI documentation regarding the DNS overide which states:

    If set, this value will be provided as the DNS in the DHCP leases. If unset, the static IPv4 address of this interface will be provided as the DNS. A single IPv4 address or a comma-separated list of IPv4 addresses is accepted.
    Sure enough, I added the OpenDNS IP's back in there without the prefix it had before (6,) and it works just fine. I am unsure why it didn't work between versions or why it didn't pass through the ISP DNS but I am pleased to have got it going again.

    Thanks sky-knight for making me take the time to put the configs side by side so I could see the issue. Time for some zzzzz's.

    Kind regards

    Keith
    Last edited by keith_h; 01-10-2015 at 04:05 PM.

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,268

    Default

    You don't want to use the option 6 configuration on version 11, you want to use the DNS override box. There's a... I hesitate to call it a bug, but is an oddity in the way dnsmasq does that now and you'll have other issues.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Master Untangler
    Join Date
    Sep 2011
    Location
    Brisbane AU
    Posts
    118

    Default

    Quote Originally Posted by sky-knight View Post
    You don't want to use the option 6 configuration on version 11, you want to use the DNS override box. There's a... I hesitate to call it a bug, but is an oddity in the way dnsmasq does that now and you'll have other issues.
    This is what I figured from some of the posts I read. Once the IP addys were in by themselves it sprang back into life. However, it doesn't explain why it did not work with that field empty although no doubt there is a good reason for it.

    The really good thing about my implementation is that its been completely hands off for years. On the flip side, it means I don't really have a good feel for whats going on under the hood which is only an issue when the going gets rough.

    That's where this resource rocks. With research and some assistance life is good again.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2