Author Topic: DNS packets dropped at firewall  (Read 16759 times)

mtroxel

  • Level 1 Member
  • *
  • Posts: 4
DNS packets dropped at firewall
« on: June 25, 2014, 07:47:07 AM »

15 users behind a Server 2012 DNS server.  Lots of "webpage cannot be displayed".  Hit the refresh button and it pops right up.  Turn on DNS logging in the server, and lots of DNS packets time out.  Put my laptop into the firewall, set the DNS to 8.8.8.8 or 4.2.2.2 and I get the same symptoms.  Plug my laptop straight into Comcast's router (which is set as a bridge) and everything is happy.

It's obvious this is the dead end.  I have the latest firmware,  1.09B38_WW.  When I search the logs for port 53, I see a lot of this:

[DSR-500][Kernel][KERNEL] same_src : Invalid address same_src : Invalid address [] LOG_PACKET[ALLOW]  IN=SELF  OUT=LAN SRC=192.168.50.1 DST=192.168.50.2 PROTO=ICMP TYPE=3 CODE=3 SRC=192.168.50.2 DST=75.75.76.76 PROTO=UDP SPT=63121 DPT=53

192.168.50.1 is the firewall, 192.168.50.2 is my server, 75.75.76.76 is Comcast's DNS.

FurryNutz

  • Poweruser
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DNS packets dropped at firewall
« Reply #1 on: June 25, 2014, 08:18:56 AM »

  • What Hardware version is your router? Look at sticker under router.
  • What region are you located?

Is there a DNS relay feature on this router? If so, try to disable it and test again.
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

mtroxel

  • Level 1 Member
  • *
  • Posts: 4
Re: DNS packets dropped at firewall
« Reply #2 on: June 25, 2014, 08:25:47 AM »

  • What Hardware version is your router? Look at sticker under router.
 
Not on site, but when I remote in the http interface says Hdwr ver A1

  • What region are you located?
 Minnesota, USA

Is there a DNS relay feature on this router? If so, try to disable it and test again.
 No, it's disabled.

FurryNutz

  • Poweruser
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DNS packets dropped at firewall
« Reply #3 on: June 25, 2014, 08:44:49 AM »

Was a factory reset, update FW, factory reset then set up from scratch performed when updating FW?

I recommend that you contact the D-Link support office by phone and ask for help and information regarding this. We find that phone contact has better immediate results than using email.
Let us know how it goes please.

mtroxel

  • Level 1 Member
  • *
  • Posts: 4
Re: DNS packets dropped at firewall
« Reply #4 on: June 25, 2014, 08:58:51 AM »

No, did not start over when I did the FW update.  I've got two other firewalls VPN'd to this and that would be a real pain.  I'll try D-Link phone.

FurryNutz

  • Poweruser
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DNS packets dropped at firewall
« Reply #5 on: June 25, 2014, 09:09:53 AM »

Let us know how it goes.

mtroxel

  • Level 1 Member
  • *
  • Posts: 4
Re: DNS packets dropped at firewall
« Reply #6 on: June 26, 2014, 12:49:23 PM »

For anyone else finding this in a search, I think I'm on it.  D-Link had me go to Advanced > Advanced Network > Attack Checks.  Uncheck these two boxes:

WAN:
Block TCP flood

LAN:
Block UDP flood

Hit save, then test.  My DNS lookups are noticeably faster, and I have not seen an error in either the firewall or my server's DNS monitoring.
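Added example (not part of the thread and not D-Link's code): a small Python parser for the firewall log line quoted in the first post. It counts DNS queries that the firewall itself answered with ICMP type 3 code 3 (destination unreachable, port unreachable), so that exported logs can be compared before and after changing the Attack Checks settings. The field layout is an assumption inferred from that single quoted line, the function name `rejected_dns` is hypothetical, and every sample line except the first is constructed.

```python
import re
from collections import Counter

# Assumed layout, taken from the one line quoted in the thread: the first
# SRC/DST group is the ICMP error the firewall sent, the second SRC/DST group
# is the original packet quoted inside that ICMP error.
LINE_RE = re.compile(
    r"LOG_PACKET\[\w+\]\s+IN=\S+\s+OUT=\S+\s+"
    r"SRC=(?P<icmp_src>\S+)\s+DST=(?P<icmp_dst>\S+)\s+PROTO=ICMP\s+"
    r"TYPE=(?P<type>\d+)\s+CODE=(?P<code>\d+)\s+"
    r"SRC=(?P<orig_src>\S+)\s+DST=(?P<orig_dst>\S+)\s+PROTO=(?P<orig_proto>\w+)\s+"
    r"SPT=(?P<spt>\d+)\s+DPT=(?P<dpt>\d+)"
)

def rejected_dns(lines, firewall_ip):
    """Count DNS queries the firewall rejected with ICMP port unreachable,
    keyed by (client, resolver, protocol)."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not an ICMP error carrying a quoted packet
        if (m["type"], m["code"]) != ("3", "3"):
            continue  # some other ICMP error, not port unreachable
        if m["icmp_src"] != firewall_ip or m["dpt"] != "53":
            continue  # error not from the firewall, or not a DNS query
        if m["icmp_dst"] != m["orig_src"]:
            continue  # error should go back to the host that sent the query
        hits[(m["orig_src"], m["orig_dst"], m["orig_proto"])] += 1
    return hits

PREFIX = ("[DSR-500][Kernel][KERNEL] same_src : Invalid address same_src : "
          "Invalid address [] LOG_PACKET[ALLOW]  IN=SELF  OUT=LAN "
          "SRC=192.168.50.1 DST=192.168.50.2 PROTO=ICMP ")
SAMPLE = [
    # Line 1 is the one quoted in the thread; the rest are constructed.
    PREFIX + "TYPE=3 CODE=3 SRC=192.168.50.2 DST=75.75.76.76 PROTO=UDP SPT=63121 DPT=53",
    PREFIX + "TYPE=3 CODE=3 SRC=192.168.50.2 DST=75.75.76.76 PROTO=UDP SPT=63122 DPT=53",
    PREFIX + "TYPE=3 CODE=3 SRC=192.168.50.2 DST=8.8.8.8 PROTO=UDP SPT=63123 DPT=53",
    PREFIX + "TYPE=3 CODE=1 SRC=192.168.50.2 DST=75.75.76.76 PROTO=UDP SPT=63124 DPT=53",
    PREFIX + "TYPE=3 CODE=3 SRC=192.168.50.2 DST=75.75.76.76 PROTO=UDP SPT=63125 DPT=123",
    "[DSR-500][Kernel][KERNEL] LOG_PACKET[ALLOW] IN=LAN OUT=WAN "
    "SRC=192.168.50.2 DST=75.75.76.76 PROTO=UDP SPT=63126 DPT=53",
]

if __name__ == "__main__":
    for (client, resolver, proto), n in rejected_dns(SAMPLE, "192.168.50.1").items():
        print(f"{client} -> {resolver} ({proto}/53): {n} rejected")
```

Feed it the lines of an exported firewall log in place of `SAMPLE`; a count that drops to zero after the settings change matches what the poster reports.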

FurryNutz

  • Poweruser
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DNS packets dropped at firewall (RESOLVED)
« Reply #7 on: June 26, 2014, 12:52:05 PM »

Awesome info and thank you for sharing.
Glad it's working better now.

Enjoy.  ;)