
Funny DNS issue..

Posted: Tue Sep 18, 2012 10:57 am
by jeremyh
Hello,

I had a funny issue today - A user reported that he couldn't get to a website that he knew wasn't malfunctioning.

Curious, I tried a nslookup from my machine:
# nslookup domain.com
Server:		192.168.1.1
Address:	192.168.1.1#53

** server can't find domain.com: NXDOMAIN

The next thing I tried was using Google's DNS:
nslookup domain.com 8.8.8.8
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
Name:	domain.com
Address: 208.113.134.XXX

Uhoh.. A problem with our ISP's DNS server? Nope - our ISP's DNS (the same DNS that is set in the Mikrotik router) returned the correct IP.

Next thing I tried was logging into our router, to see if there is a problem with DNS:
[admin@router] > /ip dns print
                servers: 220.233.0.3,220.233.0.4
  allow-remote-requests: yes
    max-udp-packet-size: 4096
             cache-size: 2048KiB
          cache-max-ttl: 1w
             cache-used: 2048KiB
Ah.. DNS servers are set to our ISP's, so that is OK. But what is this 'cache-used'? Surely the router wouldn't stop serving DNS requests because the cache is full?

[admin@router] > /ip dns cache flush

Oh - now I can resolve the website. The Mikrotik's cache was filled and so it decided to just stop doing DNS lookups.

1. Is this normal/expected behaviour?
2. What is the recommended DNS cache size?

RouterOS 5.12 on RB1100AH.

Thanks
Jeremy
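
Added example, not part of the original posts and not MikroTik code: a small Python check that parses `/ip dns print` output like the one quoted above and reports when `cache-used` has reached `cache-size`, the condition the poster observed. The function names and the 0.9 warning threshold are assumptions made for this illustration; the sample input is the output from the post.

```python
import re

# Constructed sample input: the `/ip dns print` output quoted in the post above.
SAMPLE = """\
                servers: 220.233.0.3,220.233.0.4
  allow-remote-requests: yes
    max-udp-packet-size: 4096
             cache-size: 2048KiB
          cache-max-ttl: 1w
             cache-used: 2048KiB
"""

UNITS = {"": 1, "B": 1, "KiB": 1024, "MiB": 1024 ** 2, "GiB": 1024 ** 3}


def parse_dns_print(text):
    """Split each 'key: value' line of the print output into a dict entry."""
    settings = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():
            settings[key.strip()] = value.strip()
    return settings


def to_bytes(size):
    """Convert a size such as '2048KiB' to bytes; reject anything unexpected."""
    m = re.fullmatch(r"(\d+)\s*([A-Za-z]*)", size)
    if not m or m.group(2) not in UNITS:
        raise ValueError(f"unrecognised size: {size!r}")
    return int(m.group(1)) * UNITS[m.group(2)]


def cache_status(text, warn_ratio=0.9):
    """Report cache fill level. warn_ratio is an assumed threshold, not a vendor value."""
    s = parse_dns_print(text)
    used, size = to_bytes(s["cache-used"]), to_bytes(s["cache-size"])
    ratio = used / size if size else 1.0
    state = "full" if used >= size else "warn" if ratio >= warn_ratio else "ok"
    # allow-remote-requests=yes means the router answers DNS queries from other
    # hosts, so confirm the firewall limits port 53 to the LAN.
    remote = s.get("allow-remote-requests") == "yes"
    return {"state": state, "ratio": ratio, "remote_requests": remote}


if __name__ == "__main__":
    print(cache_status(SAMPLE))
```
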

Re: Funny DNS issue..

Posted: Tue Sep 18, 2012 3:44 pm
by janisk
First off, try running 5.20.

Second, how many DNS requests do you have per minute/second?

The DNS cache should clean itself as it gets used more and more, and the more you fill it, the more stuff should have been thrown out to make sure that there is enough space for the next request.

Try to increase cache size to 10MB and see how it fills up.

Re: Funny DNS issue..

Posted: Tue Sep 18, 2012 5:48 pm
by jeremyh
> First off, try running 5.20.

Well this is a 'production' device so I am reluctant to upgrade it - unless this is a bug in 5.12?

> Second, how many DNS requests do you have per minute/second?

Not too many I would have thought.. about 15 users in an office, all using web apps and browsing.

> The DNS cache should clean itself as it gets used more and more, and the more you fill it, the more stuff should have been thrown out to make sure that there is enough space for the next request.
> Try to increase cache size to 10MB and see how it fills up.

That's what I would have thought/expected also - that it would drop the oldest entries once the cache is full. I will increase the cache size.

Re: Funny DNS issue..

Posted: Fri Sep 21, 2012 9:43 am
by janisk
When you encounter something similar again, please create a support output file and send it to support@mikrotik.com