I have several x86 boxes running MT v4 and 3. On each of them, over a period of time, the DNS service has stopped functioning. I finally realized that it occurred when I inadvertently tried to change the cache file size while the cache file was being cleared.
I have rebooted the machines, changed cache file size, stopped the service then changed the cache size, all to no avail.
I found the problem and hopefully this will assist others who come across it:
In viewing the forums, I saw a post that mentioned the primary and secondary server settings defaulting to 0.0.0.0. I also had this happen when my DNS service failed.
What I failed to notice was the Max UDP Packet size had ALSO reset to a value of 50. When I changed it back to 512, voila! The DNS service is now working correctly!
All the root servers now do DNSSEC, and it’s being rolled out more and more. DNSSEC is going to introduce packet sizes far larger than 512 bytes, and even AAAA records for IPv6 can go over that size if a record resolves to several IPs in a round robin fashion.
I set all my DNS inspecting firewalls to a maximum size of 4,096 bytes now where I can’t make them read the OPT bit advertising the actual record length. RFC 3226 is a good read for this topic. I’d also use 4,096 bytes for the RouterOS caching resolver; though I am not entirely sure it can handle DNSSEC, it can definitely handle AAAA records.
I have the same problem with some Mikrotiks, and I can’t find the logic behind this.
I cleared all the DNS cache and set the max UDP packet size to 512 - but the DNS is still not working. The router is set to allow remote requests and outside DNS servers are defined.
When I try to use the router as resolver, the router returns “Standard query response, server failure”.
Do you have any other ideas?