DNS issue on 1 machine only?

Mr. Analog · January 27, 2015, 02:16:28 PM

So, here's something weird...

I have 3+ networked devices connected to my network, 3 of which are Windows 7 PCs, one out of the three can't resolve anything. When I ping Google DNS I get responses on the other two machines but not the trouble machine

The trouble machine is getting addressed no problem and can ping the router but DNS will not resolve.

The other thing I noticed is that when I go to ping the trouble machine I'm not getting an IPV4 address, it looks like an IPV6 address (the thing is I disabled IPV6 on all my Win7 machines)

I thought it might be the router but I've soft rebooted it a couple of times, so I'm confuse?

Incidentally I've run ipconfig /all and compared settings and as far as I can tell the adapter is set up the same across all three? But I figure if it was a problem with the router I would see it on everything and not just one machine?

Melbosa · January 27, 2015, 02:22:11 PM

Can you give us an IPCONFIG /ALL on the problem machine, and one of a working machine? Take a picture with your camera on your phone if you can't get the text off the machine. Next open up your C:\Windows\System32\Drivers\etc folder and past the contents of your hosts file.

Next is run a MalwareBytes in safe mode on your problem machine if the above checks out.

Mr. Analog · January 27, 2015, 02:24:10 PM

I'll check the hosts file, never even thought of that

After work when I have time to mess around a bit more I'll post my config stuff side by side

Very annoy

EDIT: ...I think I'm going to hard boot my router, some weird stuff going on

Mr. Analog · January 27, 2015, 02:48:37 PM

It looks like PEBKAC

I disabled the DNS relay option on my router, the thing I don't get is how 2 machines out of 3 were still able to resolve DNS without problems

Verr Strangggge

Mr. Analog · January 28, 2015, 10:32:44 AM

This problem is persistent

How could it be that LAN DNS resolves fine for everything but WAN DNS resolves for everything but one device?

All I can think of at this point is some malware or something hijacking DNS on that machine???

Melbosa · January 28, 2015, 10:45:53 AM

If you can go through the steps above so I can give you a better idea of what could be the cause...

Thorin · January 28, 2015, 10:50:43 AM

Do you have DNS specified on the two machines that work, and not on the one that doesn't? Maybe go into the properties of the connection on each machine and go into the advanced properties for IP4 and compare between the machines.

Also, if you think it's malware of some sort then doing a MalwareBytes scan in safe mode is a good idea. That'll at least rule it out, if nothing is found (yes, I'm placing a lot of trust in MBAM).

Mr. Analog · January 28, 2015, 11:28:13 AM

SO, I disabled the router's QOS settings and all of a sudden I could ping all machines across my LAN without any problems, then I lost WAN DNS (!?!)

So ... I reset my router to factory default and now things APPEAR to be working.

I have no idea why the QOS engine would pick on just the one machine, or what the hell was happening but it's all good now...

Time for a new router I think

[suspicious]DLink DIR-655 for those interested[/suspicious]

Melbosa · January 28, 2015, 11:32:43 AM

Highly recommend Asus RT-Nxxx or RT-ACxxx models (AC if you have lots of money). I've bought myself one, I think Lazy has one and I know 4 others in the office that moved from DD-WRT/Tomato compatible routers to them and haven't even changed the default Asus OS. Night and Day in terms of performance as well!

Mr. Analog · January 28, 2015, 11:40:33 AM

Nice, that's what I should have...

Do you have to SSH in to administrate it or does it have a web access portal?

Melbosa · January 28, 2015, 11:43:40 AM

Web access all good and sexy... but does allow SSH if you want.

Mr. Analog · January 28, 2015, 11:49:01 AM

Awesome, when I get back I know what I'm buying

Thorin · January 28, 2015, 01:22:15 PM

Quote from: Melbosa on January 28, 2015, 11:32:43 AM
Highly recommend Asus RT-Nxxx or RT-ACxxx models (AC if you have lots of money). I've bought myself one, I think Lazy has one and I know 4 others in the office that moved from DD-WRT/Tomato compatible routers to them and haven't even changed the default Asus OS. Night and Day in terms of performance as well!

Well but which ones? MemEx has the RT-N10 for $39.99 all the way to the RT-AC87U for $359.99. And they all seem to claim the same thing (300,000 data sessions, AiRadar for better signals, multiple networks for separation, etc).

Mr. Analog · January 28, 2015, 01:27:30 PM

From what I understand the difference between routers is usually available memory

A home router that's expected to deal with less traffic ships with less storage whereas a small business router will have more

Melbosa · January 28, 2015, 01:51:04 PM

For N I would recommend: http://www.memoryexpress.com/Products/MX37448

For AC I would recommend: http://www.memoryexpress.com/Products/MX48122

But depends on your cash flow and needs. I love my RT-N66U and would say the Ram and CPU on it are sufficient for my heavy 2 person internet needs. I don't expect to have any AC devices for another 2-3 years.