DNS problem

I have in Mikrotik this rule:

[admin@Mikrotik] > ip dns static print 
Flags: D - dynamic, X - disabled 
 #    NAME                 ADDRESS                                 TTL         
 0    smtp.tynec.net       81.92.155.2                             40m         
[admin@Mikrotik] >

When I was using v2.9.x it was all OK and there was no problem sending mails.

Příkaz PING na smtp.tynec.net [81.92.155.2] s délkou 32 bajtů:

Odpověď od 81.92.155.2: bajty=32 čas=8ms TTL=60
Odpověď od 81.92.155.2: bajty=32 čas=12ms TTL=60
Odpověď od 81.92.155.2: bajty=32 čas=9ms TTL=60
Odpověď od 81.92.155.2: bajty=32 čas=8ms TTL=60

Statistika ping pro 81.92.155.2:
Pakety: Odeslané = 4, Přijaté = 4, Ztracené = 0 (ztráta 0%),



After I started using V3, sometimes this problem appears!

  • C:\Documents and Settings\Jarda>ping smtp.tynec.net
    Hostitele smtp.tynec.net se pomocí příkazu Ping nepodařilo najít. Zkontrolujte název hostitele a akci opakujte.
    (Translation from Czech into English):
    Ping could not find host smtp.tynec.net. Check the host name and try again.

But I am still able to ping IP address directly:

  • Příkaz PING na 81.92.155.2 s délkou 32 bajtů:

Odpověď od 81.92.155.2: bajty=32 čas=9ms TTL=60
Odpověď od 81.92.155.2: bajty=32 čas=6ms TTL=60
Odpověď od 81.92.155.2: bajty=32 čas=6ms TTL=60
Odpověď od 81.92.155.2: bajty=32 čas=8ms TTL=60

After waiting a few minutes or an hour, I am able to send my mails again…

Odpověď od 81.92.155.2: bajty=32 čas=5ms TTL=60
Odpověď od 81.92.155.2: bajty=32 čas=14ms TTL=60
Odpověď od 81.92.155.2: bajty=32 čas=11ms TTL=60
Odpověď od 81.92.155.2: bajty=32 čas=9ms TTL=60


I think there are some problems in DNS.
How can I help you to find this problem / bug?

Do you have ‘allow-remote-requests’ enabled? Do you have redirection to the router DNS cache?
As I have DNS cache running without any problems at 3.0rc2.
Currently it looks like that there might be problems with mail server (not with the RouterOS).



[admin@Mikrotik] > ip dns print 
            primary-dns: 81.92.155.1
          secondary-dns: 81.92.155.100
  allow-remote-requests: yes
             cache-size: 2048KiB
          cache-max-ttl: 1w
             cache-used: 2048KiB

I am sure it is Mikrotik fault.
See ping test.
When outlook is unable to send mails, I am unable to ping SMTP server through Mikrotik by hostname, but I am able to ping smtp server by IP ADDRESS directly.
Whenever this fault (sending mails) has occurred and I changed my SMTP server in Outlook Express from “smtp.tynec.net” to “81.92.155.2” I am immediately able to send emails. When I change smtp back to “smtp.tynec.net” I am unable to send any mail :confused:

Can you ping the DNS servers during the time of the problem?

YES.

I had a short production run with RC4; I confirm an intermittent DNS problem, I couldn’t trace it back to anything. Just downgraded and all was back to normal. Awaiting news about this issue before testing v3.00 again.

I had to downgrade back to 2.9.46 too.

Have not seen any problems with rc4 and DNS.

You have set your ROS box as the only DNS source for your clients?

YES, my RouterOS is the only DNS server for my clients.

Hello,

I have the same problem. Many sites don’t work, resp. DNS is not working. Direct IP works properly.
I have RC4

I’m also having the same problem on rc5! I think it is a problem in the DNS client of the RouterOS

regards

Yes, same for me. I downgraded it to RC1 and it works. Try RC1. Just don’t understand why the later RC versions have so many problems with the DNS server. I wouldn’t even try RC5 and just wait for others to try it out. MT guys should look into this! I really wanted to send email to support but could not manage to set remote access to my router. Every time I request a static IP address, my internet stuffed up. Could someone with a similar problem send a supout to Mikrotik, thanks. I think they don’t even believe that this problem exists :frowning:

I resolved this problem by adding a firewall rule to allow pings

/ip firewall filter
add action=accept chain=input comment="Allow ICMP" disabled=no protocol=icmp

Place this rule above all other rules.

Yes, same for me. I downgraded it to RC1 and it works. Try RC1. Just don’t understand why the later RC versions have so many problems with the DNS server. I wouldn’t even try RC5 and just wait for others to try it out. MT guys should look into this! I really wanted to send email to support but could not manage to set remote access to my router. Every time I request a static IP address, my internet stuffed up. Could someone with a similar problem send a supout to Mikrotik, thanks. I think they don’t even believe that this problem exists :frowning:

I’d like to try RC1 but Mikrotik support told me they don’t distribute old versions :frowning: I don’t have RC1 for the PPC processor, I have an RB333.

This issue you are facing is more of a firewall issue than DNS. In ROS 3.0RC5, if you have a firewall rule to drop invalid connections, some of the locally generated ICMP connections will be dropped by that rule. To allow unrestricted pings, you have to create a rule to allow ICMP from local interfaces and place this rule above the rule that drops invalid connections.

Hm…
But I tried to have no Firewall rules and I had still DNS problems :confused:

Now, I have v 2.9.46 and I have nearly no DNS problem. Sometimes I have only problems sending mails (SMTP server was not found). But it is not as bad as in V3.xx

So you are saying that some addresses cannot be opened. Are these addresses the same all the time or do they change over time? We cannot reproduce anything you have written here, and if we cannot reproduce it, it cannot be taken further to devs, and cannot be resolved.

If someone could set out, step by step, what to do (from a clean install) to reproduce the problem, like

  1. basic config - ip on eth1 outgoing, local clients on eth2 interface
  2. local addresses distributed by dhcp and dhcp settings
  3. firewall nat rules, filter rules

Check the PC for settings (IP, GW, DNS, time server if available); can open address aaa.bbb.com, cannot open aaa.ccc.com

We would be very grateful if you could do that.

I am behind an RC5 box with static IP; that is my DNS server, gateway, timeserver

Hi…

I did it in post: http://forum.mikrotik.com/t/dns-problem/15495/1

My ROUTER used for this was:

  1. reset to default
  2. upgraded to v 3rc1
  3. I set Public IP, Private IP, DNS, Masquerade, DST-NAT, Routes, No Firewall Rules !!!
  4. I started using this configured Router and my Customers started calling me, that some pages do not open (http://www.vse.cz) ; sending mail due my ISP smtp server was very often impossible

Whenever I have changed my DNS servers on my PC or my customers PC directly to my ISP DNS, all problems disappeared and all worked fine. When I use my router as DNS server, all described problems appeared again.

I had to downgrade to 2.9.46 to be operational again :confused:
But sometimes I have problems to send mails. ERROR: “smtp server was not found”.
I am sure that it is due to Router OS DNS problems.

My SMTP server set in outlook is “smtp.tynec.net” and on Mikrotik I have static DNS to translate smtp.tynec.net to my ISP smtp server. When I was using smtp.my_isp_smtp_server.cz I have not got any problem sending mails… When I am using static DNS translation on RouterOS I have these problems.

Try to read again my post: http://forum.mikrotik.com/t/dns-problem/15495/1

Or I could send you my mail conversation with Mikrotik support.

I did one more thing. When I was unable to send mail I immediately made suppout.rif, and when I was able to send it I made suppout.rif again.

I am going to send these two suppout.rif to Mikrotik Support.

Jarda

I confirm the problem. In a network we switched from BIND to MT 2.9.46 DNS cache. The customer phoned me after ~30mins telling that some hosts didn’t resolve - randomly - sometimes the same host DID resolve, and after several seconds it DIDN’T. I checked that myself and it really behaved that way. He was in panic (the cache served ~1000 PCs) so we had to quickly switch back to BIND, that’s why I haven’t done proper analysis and will speculate hereinafter.

You may test whether heavy DNS traffic doesn’t simply DoS the Mikrotik DNS cache. I saw trojaned PCs generating around 80-100 DNS queries per second to obtain MXes for random domains then A records for those MXes, to send spam to them. Several such trojans and you get pretty heavy load, and MT may not be able to respond to every legitimate query.

And I’ll recall another relevant thread - 1000s of PCs can query so much distinct records that 10MB cache will saturate quickly. That’s why we ask to increase the limit in the future.

Regards,
Andrzej
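
Added example (not part of Andrzej's post and not MikroTik tooling): one way to check the load hypothesis above from a DNS query log, flagging clients whose peak per-second query rate is high and MX-heavy. The log format, sample lines, function names and thresholds are assumptions made for this example.

```python
from collections import defaultdict

def build_sample_log():
    """Constructed sample data: '<epoch_sec> <client_ip> <qtype> <qname>' per line."""
    lines = ["malformed entry"]  # the parser must skip this
    for sec in range(1000, 1003):
        # Infected PC: 45 MX lookups for random domains plus 45 A lookups
        # for the returned mail hosts = 90 queries in each second.
        for i in range(45):
            lines.append(f"{sec} 192.168.1.50 MX d{sec}-{i}.example")
            lines.append(f"{sec} 192.168.1.50 A mx.d{sec}-{i}.example")
        # Ordinary workstation: a couple of repeated A lookups.
        lines.append(f"{sec} 192.168.1.20 A www.example.org")
        lines.append(f"{sec} 192.168.1.20 A smtp.example.org")
        # Legitimate local mail relay: MX-only, but at a low rate.
        for i in range(5):
            lines.append(f"{sec} 192.168.1.30 MX customer{i}.example")
    return lines

def find_dns_flooders(lines, qps_threshold=50, mx_ratio_threshold=0.4):
    """Return {client: stats} for clients with high peak QPS and MX-heavy traffic.

    Thresholds are illustrative assumptions, set below the 80-100 q/s in the post.
    """
    per_second = defaultdict(lambda: defaultdict(int))  # client -> second -> count
    total, mx, names = defaultdict(int), defaultdict(int), defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit():
            continue  # skip malformed lines instead of failing
        ts, client, qtype, qname = parts
        per_second[client][int(ts)] += 1
        total[client] += 1
        names[client].add(qname.lower().rstrip("."))
        if qtype.upper() == "MX":
            mx[client] += 1
    report = {}
    for client, buckets in per_second.items():
        peak = max(buckets.values())
        mx_ratio = mx[client] / total[client]
        # Both conditions are required: a busy resolver or a quiet mail
        # relay alone should not be flagged.
        if peak >= qps_threshold and mx_ratio >= mx_ratio_threshold:
            report[client] = {"peak_qps": peak, "mx_ratio": round(mx_ratio, 2),
                              "distinct_names": len(names[client])}
    return report

if __name__ == "__main__":
    for client, stats in find_dns_flooders(build_sample_log()).items():
        print(client, stats)
```

The distinct-name count also shows how quickly such a client fills a fixed-size cache, which is the concern raised in the next paragraph of the post.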

After upgrading my Rb153 from 2.9.46 to 3RC6 I am unable to resolve
web4.secureinternetbank.com
www.ntp.org

This is a repeatable issue. I have downgraded and re-upgraded to confirm issue with V3.

-Louis