Community discussions

MikroTik App
 
markdunne
just joined
Topic Author
Posts: 6
Joined: Tue Aug 01, 2006 4:22 pm

DNS Problem

Tue Aug 01, 2006 5:50 pm

Hi all,
I'm having a problem with my Mikrotik Server. The current Set up is:
2 Ethernet cards, Local IP Range 10.5.5.0/24 Server IP 10.5.5.1
Public IP 83.220.200.112 with Gateway 83.220.200.126

This was routing perfectly using masquerading NAT but yesterday something strange happened. It stopped loading many Web pages.

I know this is a DNS Problem but i'm at a loss as to how to fix it. I've even tried to set external DNS Servers that I know are working properly but the server seems to be blocking the DNS Requests.

Can anybody shed some light on this for me as I have many irate customers who are without proper internet access at the moment.
 
jarosoup
Long time Member
Long time Member
Posts: 600
Joined: Sun Aug 22, 2004 9:02 am

Wed Aug 02, 2006 12:23 am

I think you need to post a little more information about your setup. Are you using webproxy? What kind of firewall have you setup? Using torch and/or the traffic sniffer, you should be able to determine where your traffic is hanging up. Also, what type of Internet connection is this hooked up to (T1/T3, DSL, Sat, etc)?
 
Syonyk
Member Candidate
Member Candidate
Posts: 109
Joined: Mon Feb 14, 2005 6:32 pm
Location: Coralville, IA
Contact:

Wed Aug 02, 2006 12:37 am

From the router, can you ping the DNS servers?

From the router, can you ping domain names (as in, does the router do proper DNS lookups itsself)?

What are the client DNS servers set to?

Can the client systems ping the DNS servers?

If so, can they do DNS lookups?

If you set the DNS server on the router to accept remote requests, and set the clients to use the router as their DNS server, do things work?

-=Russ=-
 
GotNet
Member
Member
Posts: 436
Joined: Fri May 28, 2004 7:52 pm
Location: Florida

Wed Aug 02, 2006 4:53 am

No MT at that address!

MT doesn't just stop working. Can you ping an IP outside? Look for a user with a home router pluged in backwards if you are using DHCP.
 
csickles
Forum Guru
Forum Guru
Posts: 1257
Joined: Fri May 28, 2004 8:46 pm
Location: Phoenix, AZ
Contact:

Wed Aug 02, 2006 4:57 am

Check the outside IP..

A ZyXel router answers at that address...

Craig
Things that make you go "Hmmmmmmmm"...

Craig
 
markdunne
just joined
Topic Author
Posts: 6
Joined: Tue Aug 01, 2006 4:22 pm

Wed Aug 02, 2006 4:14 pm

The reason you're not seeing a MT at that address is because i removed it and put a Zyxel in it's place until i can figure out what's going on. When it was in place i could type in any url on the MT and ping it no problem, it just seemed to stop routing traffic. I'm not using webproxy at all.

I've decided to just do a master reset on the box but i would still like to get to the bottom of what went wrong. I think it may have been hacked as when i telnetted into it i saw a lot of login attempts from external addresses.
 
markdunne
just joined
Topic Author
Posts: 6
Joined: Tue Aug 01, 2006 4:22 pm

Wed Aug 02, 2006 4:19 pm

Also the outside DNS servers are 82.195.128.132 and 82.195.128.192
 
markdunne
just joined
Topic Author
Posts: 6
Joined: Tue Aug 01, 2006 4:22 pm

Strange reponse from DNS

Tue Aug 08, 2006 8:58 pm

Hi all just an update:

My DNS Server still isn't working properly.
In the settings I have the Primary DNS Set to 217.114.173.6 and the secondary set to 82.195.128.132 and i have Allow Remote requests Checked.

When i Try an nslookup using my server it responds with:

Server: rfc1918.space.should.not.be.used.on.publicips
Address: 10.5.5.1

And Domain (eg. hp.com) I try to access comes back with:

*** No address (A) records available for hp.com

Has anyone seen this before? The response from the server seems strange to me. When i set my PC to the DNS Servers I showed above, i have full access to all pages.
 
cmit
Forum Guru
Forum Guru
Posts: 1552
Joined: Fri May 28, 2004 12:49 pm
Location: Germany

Tue Aug 08, 2006 10:14 pm

Are you REALLY sure you are still masquerading your outgoing DNS requests?

Best regards,
Christian Meis
Best regards,
Christian Meis
 
markdunne
just joined
Topic Author
Posts: 6
Joined: Tue Aug 01, 2006 4:22 pm

Wed Aug 09, 2006 1:02 pm

I have Masquerading set up as in:
Chain=srcnat
out-interface=ether2
action=masquerade.

How do you mean my masquerading outgoing DNS requests?

Also checking the DNS Cache revealed the following few lines that to me seem odd:

Name, Type, Data
1.10.168.192.in-addr.arpa, PTR, rfc1918.space.should.not.be.used.on.publicips
1.3.168.192.in-addr.arpa, PTR, rfc1918.space.should.not.be.used.on.publicips
1.5.5.10.in-addr.arpa, PTR, rfc1918.space.should.not.be.used.on.publicips
10.in-addr.arpa, NS, localhost
10.in-addr.arpa, NS, blackhole-1.iana.org
10.in-addr.arpa, NS, blackhole-2.iana.org
114.200.220.83.in-addr.arpa, unknown (this is the Public IP of the server, why is it unknown???)

Who is online

Users browsing this forum: Bing [Bot], masoud80kg, torstorm, Znevna and 88 guests