Community discussions

MikroTik App
 
moraesmatheus2
just joined
Topic Author
Posts: 1
Joined: Thu Aug 04, 2022 4:20 pm

DNS - Slow Browsing - Any DNS Server - either cache on or off

Thu Aug 04, 2022 4:45 pm

Hi, I've been struggling for a while with some DNS issues. I manage the internet for a public school since I was a child, I have two RB2011UiAS. In the beginning, 8 years ago, one router was doing a load balance, and firewalI, had 2 DLS Links, 10mb and 5mb, and a fiber 20mb. The other router was the hotspot, dhcp. And it worked fine for years, so long that i forgot the passwords. This year, because the bandwidth became cheaper, we turned off the old DSL links, and got a 400mb fiber link. and because I lost the passwords, I have started from zero.

Router 01 connects to the internet, its a PPPOE connection to my ISP. I have a small LAN, 6 computers, cable, that are used by the main office.
Router 02 gets internet from router 1, and does a hotspot, for the wifi users, 200 clients, and 30 computers around the school.

Now, i figure out that my RB2011 doesn't deal with this 500mb link. And i understand that I should upgrade. But for now, i have no morte than 50mb of usage, 10% cpu, 25% sometimes.

And I am having some DNS issues that are driving me crazy, sometimes the DNS just doesn't solve. Takes a while, and suddenly works. Then stops. It happens in both networks, the hotspot, and the cable computers.

I have tried with Use peer DNS checkbox on and off. I have tried with allow remote requests on and off, when enabled I can see the cache working, but still, takes forever to load the websites.
I have tryed to mannualy put the ISP DNS in the computers, i have tryed 8.8.8.8, 8.8.4.4, 1.1.1.1, and same results.

The problem increases when the students are in the school, but, even with them in the school, theres no big load, no more than 50mb in the PPPOE intercace, no more then 25% CPU, no more than 10% of RAM in the routers.


If i connect my ISP cable to my computer, set the PPPOE in my computer, I get full speed, and the browsing works.

Router 01
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 pppoe-Vero 1
1 DS 0.0.0.0/0 pppoe-oi 2
2 ADC 10.10.1.0/29 10.10.1.1 eth5-alunos-RB2 0
3 ADC 10.30.0.0/24 10.30.0.1 eth4-secretaria 0
4 X S ;;; acesso rede servico
10.50.0.0/30 eth5-alunos-RB2 1
5 DC 10.60.0.0/30 10.60.0.1 eth3-servico 255
6 A S 10.90.0.0/24 eth5-alunos-RB2 1
7 ADC 100.116.128.1/32 100.116.185.221 pppoe-Vero 0
8 ADC 201.15.175.254/32 177.1.177.205 pppoe-oi 0



Firewall
1 chain=forward action=fasttrack-connection
connection-state=established,related log=no log-prefix=""

2 chain=forward action=accept connection-state=established,related log=no
log-prefix=""

3 ;;; winbox Liberado
chain=input action=accept protocol=tcp dst-port=8291 log=no log-prefix=""

4 ;;; Libera Ping 10
chain=input action=accept protocol=icmp limit=1,10:packet log=no
log-prefix=""

5 ;;; estabelecidas e relacionadas
chain=input action=accept connection-state=established,related log=no
log-prefix=""

6 X chain=input action=drop connection-state=new protocol=udp
in-interface=pppoe-Vero dst-port=53 log=no log-prefix=""

7 X chain=input action=drop connection-state=new protocol=tcp
in-interface=pppoe-Vero dst-port=53 log=no log-prefix=""

8 ;;; invalida
chain=input action=drop connection-state=invalid log=no log-prefix=""

9 ;;; DROP GERAL
chain=input action=drop in-interface=pppoe-Vero log=no log-prefix=""

10 ;;; DROP GERAL
chain=input action=drop in-interface=pppoe-oi log=no log-prefix=""

Who is online

Users browsing this forum: Bing [Bot], Google [Bot], GoogleOther [Bot] and 61 guests