D-Link Forums

D-Link Wireless Routers for Home and Small Business => Information => Archive => Topic started by: ambercap on January 15, 2013, 07:23:34 AM

Title: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 15, 2013, 07:23:34 AM
My new DIR-645 is connected to a cable modem (WAN) and configured to use L2TP (dynamic).
The DNS fields are left blank.
On the status page I see the 2 DNS server IPs obtained via DHCP from the ISP.
DNS relay is enabled.
LAN IP is set to 192.168.2.1.

Local clients using DHCP get 192.168.2.1 as the default gateway as well as the DNS server.
All local machines (LAN and WiFi) have no problem resolving names via DNS (relayed by the router to the external servers) and everything works great.

The problem is the router itself is unable to resolve any names whatsoever. If I enter the web UI the following features therefore do not work:
  Can't use a host name for the ISP gateway for L2TP - I'm using the IP instead.
  Can't use a host name for the SMTP gateway for emailing the router log files - using the IP instead.
  On the system check page (ping) I can't ping for example www.google.com - pinging the actual IP succeeds.
  I can't get NTP to work to set the router's time as it can't resolve ntp1.dlink.com and since this is a dropdown list, I can't type in another host nor the IP.
  I can't check for f/w updates via the web UI (not that I need to).
  I can't update DDNS as it can't resolve dlinkddns.com

I suspect this is because the router does not update its /etc/resolv.conf file (there is a message complaining about an empty resolv.conf in its log).

I tried entering the DNS IPs in the network settings page but it made no difference.

I was able to get NTP to work at least by saving the config.bin, extracting the xml, changing ntp1.dlink.com to the actual IP, repacking config.bin and restoring it. Now NTP works and I see the IP displayed (though the dropdown shows no NTP server selected).

I can't do the same for DDNS since there is no server entry in the config - just <provider>DLINK</provider>.

So at this point the most annoying problem is I can't use the DDNS feature due to the failure to resolve any names.

Any ideas? Is this just a f/w bug? Any way to fix it by fiddling with config.xml entries? eg. set <dns4> for WAN-1 to DNS4-1?
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 15, 2013, 07:32:20 AM
Link>Welcome! (http://forums.dlink.com/index.php?topic=41537.0)
What Hardware version is your router? Look at sticker under router.
Link>What Firmware (http://forums.dlink.com/index.php?topic=47512.0) version is currently loaded? Found on routers web page under status.
What region are you located?

What ISP Service do you have? Cable or DSL?
What ISP Modem do you have? Stand Alone or built in router?
What ISP Modem make and model do you have?

If this modem has a built in router, it's best to bridge the modem. Having 2 routers on the same line can cause connection problems.
Double NAT (http://www.practicallynetworked.com/networking/fixing_double_nat.htm)
To tell if the modem is bridged or not, look at the routers web page, Status/Device Info/Wan Section, if there is a 192.168.0.# address in the WAN IP address field, then the modem is not bridged.
If the modem can't be bridged then see if the modem has a DMZ option and input the IP address the router gets from the modem and put that into the modems DMZ.
Check ISP MTU requirements, Cable is usually 1500, DSL is around 1492 down to 1472. Call the ISP and ask.

Some things to try: - Log into the routers web page at 192.168.0.1. Use IE, Opera or FF to manage the router.
Turn off ALL QoS (http://vonage.nmhoy.net/qos.html) or Disable Traffic Shaping (DIR only) GameFuel (DGL only and if ON.) options. Advanced/QoS or Gamefuel.
Turn off Advanced DNS Services if you have this option under Setup/Internet/Manual.
Turn OFF DNS Relay under Setup/Networking and manually enter in DNS addresses from the ISP under Setup/Internet/Manual?
Setup DHCP reserved IP addresses for all devices ON the router. Setup/Networking. This ensures each devices gets its own IP address when turned on and connected, eliminates IP address conflicts and helps in troubleshooting.
Ensure devices are set to auto obtain an IP address.
Set Firewall settings to Endpoint Independent for TCP and UDP under Advanced/Firewall.
Enable uPnP and Multi-cast Streaming under Advanced/Networking. Disable uPnP for testing Port Forwarding rules.
WAN Port Speed set to Auto or specific speed? Some newer ISP modems support 1000Mb so manually setting to Gb speeds can be supported by the router. Advanced/Advanced Networking/WAN Port Speed
Set current Time Zone, Date and Time. Use an NTP server feature. Tools/Time.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: Hard Harry on January 15, 2013, 08:51:33 AM
If you disable DNS relay, does the problem go away? What firmware are you running?

From what I have seen certain routers will have a problem with DNS requests internal to themselves. IE, if you query the NTP domain locally on the PC, it would work, but the router itself cant send the query.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 15, 2013, 10:48:18 PM
Just some more info:

My DIR-645 is h/w version A1.
I updated the f/w from 1.01 to 1.03 (the latest).

I'm in Israel and my WAN connection is via cable using a Motorola cable modem SBV5121 (no built-in router).
My ISP is Netvision connected via L2TP.
Since the modem has no router, my WAN IP is a public IP (217.132.....).

I am using the factory defaults for everything, except for configuring the bare minimum to obtain connectivity.

I did try disabling DNS relay and it made no difference.
I also tried entering the DNS servers under network settings.
However I don't think I tried entering the DNS servers and disabling DNS relay at the same time.

As I said, all devices on the router's LAN have no problem resolving hosts such as NTP and DDNS.
It is only the router itself that is unable to resolve any hosts.
I see many posts in various forums where NTP does not work for several models of DLink routers and it is my guess that this is a general bug with DLink routers where they are unable to resolve DNS entries.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 16, 2013, 07:21:10 AM
Just some more info:

My DIR-645 is h/w version A1.
I updated the f/w from 1.01 to 1.03 (the latest).

I'm in Israel and my WAN connection is via cable using a Motorola cable modem SBV5121 (no built-in router).
My ISP is Netvision connected via L2TP.
Since the modem has no router, my WAN IP is a public IP (217.132.....).

I am using the factory defaults for everything, except for configuring the bare minimum to obtain connectivity.

I did try disabling DNS relay and it made no difference.
I also tried entering the DNS servers under network settings.
However I don't think I tried entering the DNS servers and disabling DNS relay at the same time. <Can you try to disable DNS Relay and then enter in manual DNS addresses to see if this helps?

As I said, all devices on the router's LAN have no problem resolving hosts such as NTP and DDNS.
It is only the router itself that is unable to resolve any hosts.
I see many posts in various forums where NTP does not work for several models of DLink routers and it is my guess that this is a general bug with DLink routers where they are unable to resolve DNS entries. NTP services work on all the routers I've tested including this one. Possible this could be an ISP service issue instead. Have you tried a different NTP server?

Maybe someone can review your router settings with you using Link> teamviewer (http://www.teamviewer.com) if your interested. Its safe and secure.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 16, 2013, 08:12:05 AM
OK I disabled DNS relay and copied the 2 DNS IPs from the status page to the Internet page, which restarted the L2TP connection. The router is still unable to resolve any hosts. This does not make any sense.

No NTP server choice will work since the router is unable to resolve ANY host. That is why I've forced the NTP host to be 61.67.210.241 which was what I got from a name lookup for ntp1.dlink.com:

> ntp1.dlink.com
Server:      192.168.2.1
Address:   192.168.2.1#53
Non-authoritative answer:
Name:   ntp1.dlink.com
Address: 61.67.210.241
Name:   ntp1.dlink.com
Address: 205.171.76.135

Which gives in the WUI:

The time has been successfully synchronized.
(NTP Server Used: 61.67.210.241, Time: 2013/01/16 17:59:40)
Next time synchronization: 2013/01/23 17:59:40

I doubt there is any setting I can change in the router - it seems like a router bug. If there was some way to ssh in I could see what is going on, but there isn't.

Since NTP works using the IP instead of hostname, that does not bother me any more.

More importantly, I wish I could get DDNS to work. It can't resolve dlinkddns.com to 216.146.38.125 so fails to update the outside IP.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 16, 2013, 08:31:32 AM
After setting manual DNS and turning off DNS Relay, did you restart your PC or do a ipconfig /flushdns at the commend prompted before testing?

I need to dig up a thread that I think we had tested on this, either in here or in the 857 forum. I'll see if I can find it.  :-\
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 16, 2013, 09:10:19 AM
What has the PC got to do with anything? I only need the PC to get into the router's WUI. I can completely disable DNS on the PC since it only needs to connect to 192.168.2.1. It is not the PC that has the DNS problem, it is the router itself! I have to assume that the router is not updating its own resolv.conf file and therefore gethostbyname is failing when called by services such as NTP, SMTP, DDNS, ping...
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 16, 2013, 09:24:45 AM
One you make changes on the router regarding DNS, anything connected to the router will need to be either restarted or the DNS caches flushes to get the new settings.

How are you attempting to execute an resolution process? Can you give us an example? Are you using a command line shell or some program?

I recommend that you phone contact DLink support, level 2 or higher and inquired about this to see if they can help you get this going and identify where the problem lies.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 16, 2013, 09:35:30 AM
I am not using any command line shell nor any program - you seem to be missing the point here. I am doing everything via the router's web UI (via FireFox). I browse to 192.168.2.1, then I click on the Tools tab and click on System Check and enter an address to ping (such as www.google.com). The router fails to ping the host since it is unable to resolve the IP.

Similarly for other router functions, such as emailing the router logs, updating dynamic DNS or time via NTP. It is the ROUTER that fails to resolve by DNS - NOT the PC!

Twice I emailed DLink support - no response.

I guess I will have to try phone them.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 16, 2013, 09:55:49 AM
Thats more helpful information.

Doe it resolve if you try the IP address instead or will it allow an IP address?> 74.125.225.105
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 16, 2013, 11:00:23 AM
Yes if I try to ping an actual IP address from the router then the ping succeeds.
Similarly if I configure the SMTP server to email the router logs using an IP address instead of host name it succeeds.
If I force the NTP server to the actual IP it succeeds (as I already wrote earlier).

It is only DNS resolution that is failing (for the actual router).
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: Hard Harry on January 16, 2013, 11:10:09 AM
Yea, I have seen this before. I don't think its a problem with a certain series, because I have seen people with different Dlink routers, some have the issue, some don't. I just don't think it has ever been pinned down because its hard to completely rule out user error enough to isolate. You sound quite knowledgeable, maybe you can help?

Could you clear the logs, enable all options of logs, then reboot and post the results? I feel the error will show itself there. I doabt, as you say, you will be able to change anything in the UI to fix, but atleast then it will confirm the issue.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 16, 2013, 11:19:27 AM
I just ran a ping test from my DIR-655 v2.10NA FW from the Check Status menu and it reported the following:
Response from www.google.com received in 43 milliseconds. TTL = 49
Response from www.google.com received in 81 milliseconds. TTL = 49
Response from www.google.com received in 43 milliseconds. TTL = 49
Response from www.google.com received in 44 milliseconds. TTL = 49
User stopped
Pings sent: 6
Pings received: 5
Pings lost: 1 (16% loss)
Shortest ping time (in milliseconds): 43
Longest ping time (in milliseconds): 81
Average ping time (in milliseconds): 50

Also using the IP address worked too.
I'll put my 645 on-line tonight and check it as well.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 16, 2013, 12:05:34 PM
This is an excerpt from the logs - the very first line being the only indication of a problem (which I also mentioned earlier) (empty resolv.conf):

[System]
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[Time]Wed Jan 16 12:58:27 2013
[Message:1]no servers found in /etc/resolv.conf, will retry
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:39 2013
[Message:2]DHCP: Client send DISCOVER.
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:39 2013
[Message:3]DHCP: Client receive OFFER from 172.18.144.176.
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:39 2013
[Message:4]DHCP: Client send REQUEST, Request IP 172.21.181.105 from 172.18.144.176.
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:39 2013
[Message:5]DHCP: Client receive ACK from 172.18.144.176, IP=172.21.181.105, Lease time=601976.
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:40 2013
[Message:6]pppd 2.4.2b3 started by (unknown), uid 0
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:41 2013
[Message:7]PAP authentication succeeded.
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:41 2013
[Message:8]IPCP: local IP address (217.132.254.65)
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:41 2013
[Message:9]IPCP: remote IP address (212.143.205.233)
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:41 2013
[Message:10]IPCP: primary DNS address (194.90.1.5)
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:41 2013
[Message:11]IPCP: secondary DNS address (212.143.212.143)
--------------------------------------------------------------------------------------------
[Time]Wed Jan 16 12:58:41 2013
[Message:12]WAN connected [L2TP]
--------------------------------------------------------------------------------------------
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: Hard Harry on January 16, 2013, 03:15:48 PM
Ok, I think its safe to say the problem is being caused by "[Message:1]no servers found in /etc/resolv.conf, will retry" but you kind of already knew that. And you have already kind of fixed the problem. The question is why the problem is happening. I can think of two possibilities:

1. The firmware is borked
If this is the case then the question is how is your firmware different then Furry's (assuming he can't replicate the issue). Is there a different hardware revision other then DIR-645 A1? Like maybe you have DIR-645 A1 EU and Furry has DIR-645 A1 NA? If so then Its possible it has a slightly different firmware, and that firmware has that bug, even with 1.03.

2. The router is unable to aquire DNS for resolv.conf at the point of the boot where it loads that into the config.
If this is the case, it could have to do with your LPTP connection. Notice the message 1 comes before Message 12. I don't have a emulator for the DIR-645 and don't have experience in the protocol, so what I am saying could be completely wrong, but its a possibility.

Only way I can think to test it is to set router to DHCP and connect it to another router? Then it can aquire DNS through DHCP and see if it saves it to resolv.conf. If it does, its either a ISP issue or a WAN config issue. If it doesn't its probably a firmware bug.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 16, 2013, 04:45:26 PM
Ok, I have a successful ping using the System Check:
http://forums.dlink.com/index.php?topic=52109.0 (http://forums.dlink.com/index.php?topic=52109.0)

Here is a list of connections under Setup/Internet/Manual:
(http://i1195.photobucket.com/albums/aa396/furrynutz740il/Screenshot2013-01-16at53619PM.png)

I use manual custom DNS entries. Tested DNS Relay is ON and OFF.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 16, 2013, 10:24:08 PM
I checked the label on the bottom, and the h/w version is A1 but the last portion of the part number ends in ...A1E. Perhaps other units have another value here as Hard Harry mentioned. The f/w version is actually printed on the label too (1.01) which I immediately upgraded to 1.03 when I bought it.

I do not see how the problem can be related to the ISP since the router does successfully receive the DNS servers via L2TP when it connects. I suspect there is a f/w bug where it fails to enter these IPs into resolv.conf. There is a good chance that using a different protocol such as PPTP, PPPoE or just DHCP will solve the problem if the bug is limited to the L2TP implementation in the f/w. In which case if other users try L2TP they would see the same problem.

I will have more time over the weekend to play with this and I'll try see if I can use one of the other PP protocols or just DHCP/static to test the DNS somehow. Perhaps I'll have to setup an internal DNS server to test this. (I see the WUI has PP options for Russia/Dual Access too.)

I could also try inserting DNS entries directly into various parts of the config.xml to see if it makes a difference (a bit of a hack here since I don't fully understand how the config entries work together). I could post my config somewhere but it exceeds 20K so I can't just copy and paste it here in the forum.

Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 17, 2013, 04:49:38 AM
I was thinking about the problem and had an idea. I then read http://forums.dlink.com/index.php?topic=46615.0 (http://forums.dlink.com/index.php?topic=46615.0) which reinforced what I was thinking, namely:

Perhaps the DNS IPs are inserted into resolv.conf after they are obtained via L2TP after all, but when the kernel tries to use these to resolve names for requests issued by the router itself, the connection to the DNS server is routed directly via the WAN interface rather than the LAN interface (192.168.0.1). As a result the DNS packet bypasses the L2TP stack and is therefore not routed to the ISP! The only way the DNS server can be reached is via L2TP as it is outside of the cable company's network.

What I will try is to enable DNS relay, then set the secondary DNS to 192.168.0.1 (overriding the value obtained via L2TP). Client DNS requests will be forwarded to the primary DNS as before. The router's own request (via the kernel) to the primary DNS will fail, so the kernel will try the secondary DNS of 192.168.0.1 and connect to the router's own DNS daemon (relay), which in turn will resolve via the primary DNS which should succeed.

Will try it this weekend. I'll also attach a sniffer to the WAN port to try confirm if this is what is happening.

The only thing bugging me about this theory is that if the router tries to connect to various external IPs (such as to ping an IP, update via NTP, or email via SMTP), that works just fine, so connections to these IPs are definitely going via the L2TP encapsulation. In which case why not the same for DNS? Either a route is being added just for DNS (as suggested by Gamification in his post), bypassing L2TP, or these other programs all force the use of the LAN interface guaranteeing connection via L2TP (something the kernel can't do for name resolution - that requires adding a route definition).
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 17, 2013, 06:53:47 AM
I checked my label this morning and I only see A1 on mine. So there maybe some differences between A1 and A1E.

One thing I would recommend after you do your testing, I would phone contact DLink support for your region and talk to someone, say level 2 or higher, higher being preferred as this is somewhat of a low level FW issue that can't be resolved probably by level 1 support.

Please let us know what they say.

I checked the label on the bottom, and the h/w version is A1 but the last portion of the part number ends in ...A1E. Perhaps other units have another value here as Hard Harry mentioned. The f/w version is actually printed on the label too (1.01) which I immediately upgraded to 1.03 when I bought it.

I do not see how the problem can be related to the ISP since the router does successfully receive the DNS servers via L2TP when it connects. I suspect there is a f/w bug where it fails to enter these IPs into resolv.conf. There is a good chance that using a different protocol such as PPTP, PPPoE or just DHCP will solve the problem if the bug is limited to the L2TP implementation in the f/w. In which case if other users try L2TP they would see the same problem.

I will have more time over the weekend to play with this and I'll try see if I can use one of the other PP protocols or just DHCP/static to test the DNS somehow. Perhaps I'll have to setup an internal DNS server to test this. (I see the WUI has PP options for Russia/Dual Access too.)

I could also try inserting DNS entries directly into various parts of the config.xml to see if it makes a difference (a bit of a hack here since I don't fully understand how the config entries work together). I could post my config somewhere but it exceeds 20K so I can't just copy and paste it here in the forum.


Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 19, 2013, 10:54:09 AM
I did not have time to setup a sniffer on the WAN port, but I did manage to telnet into the router!

This is what I see in /etc/resolv.conf:

Code: [Select]
# Auto-Generated
nameserver 192.168.101.102
nameserver 192.168.101.101
nameserver 194.90.1.5
nameserver 212.143.212.143
search

The first 2 IPs are dummy values that it sticks in - they should not be there! In the config file these are listed under udhcpc (which is the BusyBox micro DHCP cllient). The next two IPs are correct.

However ping of a host name fails.

This is the routing table:

Code: [Select]
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
212.143.205.233 *               255.255.255.255 UH    0      0        0 ppp0
212.143.205.253 172.21.160.1    255.255.255.255 UGH   0      0        0 eth2.2
192.168.2.0     *               255.255.255.0   U     0      0        0 br0
172.21.160.0    *               255.255.224.0   U     0      0        0 eth2.2
239.0.0.0       *               255.0.0.0       U     0      0        0 br0

The first route is to the L2TP peer via ppp0.
i don't know what the second one is for but 172.21.160.1 is the router IP defined for udhcpc. I think this might be the DHCP assigned external IP from the cable company before L2TP is connected.
The route for both is via eth2.2 (WAN port).
The internal network is reached via br0.
Not sure what network 239.* is for.

The name resolution is failing because of the 1st 2 entries.
If I delete the bad entries, then name resolution starts working!!
So now Dynamic DNS is working too!

I'm not sure how to make the fix permanent though (a router reboot, and probably just reconnecting L2TP might put back the bad values again). I'll have to watch it and see what happens.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 19, 2013, 11:36:17 AM
Can you detail us how you telnet in and how are you changing the values?

Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 19, 2013, 12:06:20 PM
The telnet daemon starts up about a minute after the router is rebooted, but if no attempt is made to telnet in it shuts down again about a minute later, so you have to reboot the router first.
  Via the web UI, Tools tab, System, click Reboot Device to reboot the router.

Then telnet to the internal IP - for example:
 telnet 192.168.0.1
After about 5 seconds press Ctrl-C to abort and try again continuously until the connection succeeds.

The only username it will accept is 'Alphanetworks'. The password is the signature in the config.bin file (save Configuration from web UI). (Open the config with a hex editor and look for signature=...). On linux (I'm using Mac OSX) you can enter this to see the signature:

hdr_len=$((0x$(xxd -s 4 -l 4 -p config.bin)))
dd ibs=1 skip=28 count=${hdr_len} if=config.bin 2>/dev/null | tr '\0' '\n'


For f/w 1.03 the password is 'wrgn39_dlob.hans_dir645_V1'.

Once you are logged in telnet seems to keep running as long as you are busy with it.

To edit resolv.conf I just echo'ed the required lines as follows:

echo "nameserver 194.90.1.5" > /var/etc/resolv.conf
echo "nameserver 212.143.212.143" >> /var/etc/resolv.conf
echo "search" >> /var/etc/resolv.conf


Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 19, 2013, 12:21:26 PM
Wow, thank you for sharing. You've done alot of work.

I think I would phone contact Dlink and see if this can be resolved. I don't know if this would be an issue on the other ISP connections or is limited to L2TP. You would have to take this to a different location and to an ISP that uses PPPoE or DHCP to see if this behavior follows or not. Really seems like an issue on the L2TP connection. DLink should be made aware of it. Ask for level 3 I think.

I'll try this out on my 645 since I have a DHCP connection with my iSP and see if I can reproduce the same thing.

Keep us posted.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: Hard Harry on January 19, 2013, 12:32:53 PM
Yea, I agree with Furry, at this point I would suggest contacting Dlink. I would say email them first at customerservice@dlink.com  (Furry, could you confirm this is valid/best way to electronically contact them?). I think most of this stuff would go over most Tier1 (no offense to Dlink support). That way if/when you do call, at least you will have a ticket open or something to reference.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 19, 2013, 12:38:37 PM
I don't recommend email contact as that, at least in my experience, is basic or level 1 support. This needs Level 3 at least. Phone contact is best in this case.

What hex editor in OSX are you using? I'm using OSX 10.6.8.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: Hard Harry on January 19, 2013, 12:42:49 PM
Good to know.

I found something interesting though. Looks like the Europe model firmware is different.Latest is 1.02 b11. It can be found here. (http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-645-wireless-n-home-router-1000) Maybe the firmware is specifically written to work better with some of the ISP you find more commonly in Europe? I tried looking on the Israel site, but they don't have firmware listed. Odd. Either way I say contact support to confirm the best firmware for your particular model.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 19, 2013, 12:53:02 PM
For hex editing on OSX Mountain Lion (v10.8.2), I'm using 0xED (v1.1.3).
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 19, 2013, 01:12:28 PM
Awesome, used 010 Editior, demo.
I found this for v1.02 FW:
FW v1.02> signature=wrgn39_dlob.hans_dir645

And it works, I was able to telnet in and see the directories. Very interesting.

Anyways, keep us posted on how it goes and what DLink says. I highly recommend Phone contact and get level 3 if you can support.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 19, 2013, 11:43:04 PM
OK I had a closer look at what is going on.

First the router makes a DHCP request (using the utility udhcpc (Micro DHCP Client)) on its WAN port.
The cable company's DHCP server (172.18.144.176) responds with this offering:
  IP: 172.21.181.174/19
  Gateway: 172.21.160.1
  DNS: 192.168.101.102, 192.168.101.101

Note the their DNS servers have private IPs and do not resolve the entire internet - they are internal DNS servers that only have a handful of entries to serve the cable company. The hosts served up by these DNS servers include only the cable company itself, as well as the L2TP gateway IPs of the various ISPs such as:
  cable.netvision.net.il 212.143.209.13.
All other hosts (such as google, dlink, etc.) resolve as 172.18.130.37 which is a web server at the cable company that serves a page advertising the various ISPs in order to get internet service.

The router therefore creates the routing rules I posted earlier and adds the DNS servers to the resolv.conf file.

At this point the L2TP dialer script is run and establishes a connection via the gateway mentioned above (212.143.209.13), and receives a new "L2TP DHCP" response giving:
  IP: 217.132.242.23/32
  Peer IP: 212.143.205.233
  DNS: 194.190.1.5, 212.143.212.143

The router then appends the new DNS servers to resolv.conf instead of replacing the previous values. So there are 4 DNS servers (even though the kernel by default will never attempt more than 3).

The problem is the first 2 DNS servers are not proper DNS servers and resolve everything to that internal web server of the cable company (172.18.130.37). Well actually, now that everything is going via L2TP, the router can no longer even reach these DNS servers so name resolution fails. It tries the first 2 servers only and never tries the 3rd one (the good one), since by default the maximum resolve attempts is 2.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: Hard Harry on January 20, 2013, 03:02:18 AM
Have you look at the firmware for the Europe model? I couldn't find release notes, but I wonder if it might help? Being that your model is a European type. Probably won't change anything but...
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 20, 2013, 03:50:21 AM
I doubt it would make a difference, and that version is 10 months older. I will call D-Link support in the USA (+1-877-453-5465) on Monday evening and see what they have to say.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: Hard Harry on January 20, 2013, 05:03:12 AM
Newer doesn't always mean better. Specially when they might not be the same firmware. But yea, let us know what Dlink says.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 21, 2013, 01:07:50 PM
Well I tried calling their support number, navigated the voice prompts to router support, was on hold for 10 minutes (and this is an international phone call) and eventually could not get though to anyone who deals with this product. They told me to call another customer support number 1800-326-1688 but by then I lost my patience. I tried submitting a report via the online form but clicking submit gives the error "the URL cannot be found".
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 21, 2013, 01:12:41 PM
Did you try the UK web site and there support number?

Keep us posted.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 21, 2013, 01:14:54 PM
UK support told me to goto tsd.dlink.com.tw (http://tsd.dlink.com.tw) to get f/w v1.03 b11 (9 Oct 2012) which is newer than the b08 (28 Jun 2012) on the USA site, and he said it is an international release. If that has the same bug then I should submit the bug report via their online support portal. So I will try it out and see.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 22, 2013, 02:26:48 AM
Same bug in b11 :(
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: Hard Harry on January 22, 2013, 03:40:44 AM
Im not sure what to tell you. Even if you get it in the right hands, a firmware update wouldn't be out for a couple months at best. I would say just settle for the work around you figured out or RMA it. JMHO Sorry we couldn't fix the issue, but at least there is a complete documentation of the issue if anyone should experience it. Thanks again for your help.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 22, 2013, 03:43:36 AM
I managed to submit a case via dlink UK (their JD Edwards EnterpriseOne portal). It tells me my serial number is invalid but that I can still proceed, but then it tells me that "DIR-645" in the product field is not a DLink product!!! I had to change it to "DIR-645/B" which worked (after calling support again)!
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 22, 2013, 04:00:04 AM
My workaround to fix the DNS was changed from the echo's above to simply:

cp /var/etc/ppp/resolv.conf.WAN-1 /var/etc/resolv.conf

However when the L2TP connection is updated, and Dynamic DNS needs to be updated, the DNS entries are messed up again, so I added an entry to the hosts file which will hopefully survive that:

echo "216.146.38.125 dlinkddns.com" >> /var/hosts

I also have tried extend the telnet timeout by starting a new telnet daemon on a different port (and with password of my choice) with:

telnetd -l /usr/sbin/login -u Alphanetworks:myownpassword -t 0 -p 22 -i br0 &

Then telnet in with telnet 192.168.0.1 22
(Default telnet is port 23.  Port 22 is for ssh, but there is no sshd in the f/w.)
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 22, 2013, 06:46:05 AM
Awesome info. Glad you were finally able to get through to support and set a ticket submitted. Keep on them and keep us posted if they respond.

Hopefully they will fix this. I'll eventually move this thread to the archive as this is good information and resource on the back end of this router.

Thank you for sharing.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 23, 2013, 01:37:29 PM
I can't wait months for them to fix it so I'm fixing it myself. This is the fix:
/etc/events/UPDATERESOLVE.php.patch
Code: [Select]
16a17,37
>
> $have_ppp4_dns=FALSE;
> $have_ppp6_dns=FALSE;
>
> foreach ("/runtime/inf")
> {
> $addrtype = query("inet/addrtype");
> if ($addrtype!="ppp4" && $addrtype!="ppp6") { continue; }
> if (query("inet/".$addrtype."/valid")!="1") { continue; }
> if ($addrtype=="ppp4")
>     {
>             if ($opendns_type=="family" || $opendns_type=="parent") { continue; }
>     }
> foreach ("inet/".$addrtype."/dns")
> {
>     if ($addrtype=="ppp4")          { $have_ppp4_dns=TRUE; }
>     else if ($addrtype=="ppp6")     { $have_ppp6_dns=TRUE; }
>     break;
> }
> }
>
22a44
>         if ($addrtype=="ipv4" && $have_ppp4_dns==TRUE) { continue; }
75a98
>         if ($addrtype=="ipv6" && $have_ppp6_dns==TRUE) { continue; }

Now all I have to do is build a new f/w image and flash my router. While I'm at it I'll change telnet to not shutdown and to use the Admin user and password same as the web UI. :)
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 23, 2013, 01:41:04 PM
I presume you have to input that into a file and then use that in the new FW image?

Please share the steps involved.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 23, 2013, 01:45:04 PM
I have to unsquash the latest f/w 1.03, edit that particular file (apply the patch), and repack it again. Simple in theory, but sometimes there can be unexpected difficulties.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 23, 2013, 01:46:56 PM
Keep us posted.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 23, 2013, 10:44:42 PM
I know this forum is not for hacking or discussion of custom f/w for DLink products, and fixing a bug perhaps falls into a gray area, so if I'm not supposed to write about this here please let me know - I don't want to break any forum rules. :)

First of all, this is how I edited and tested the changes:

Whenever an interface comes up it raises the UPDATERESOLV event. This launches the script /etc/events/UPDATERESOLVE.sh, which in turn removes the DNS routes, launches UPDATERESOLV.php and adds the routes back again (via scripts created by UPDATERESOLV.php).

However /etc is on a read-only file system, so first I copied the files to /var which is a ramdisk (and flagged them as executable):
  cp /etc/events/UPDATERESOLV* /var
  chmod 755 /var/UPDATERESOLV*

Execute the script and check the result:
  /var/UPDATERESOLV.sh
  cat /etc/resolv.conf

Now how to easily edit and run the script? Fortunately the DIR-645 has a USB port. Just plug in a memory stick (FAT32) and it is automatically mounted as /var/tmp/storage/SanDisk_Cruzer_A1071 (or a similar name). It is the first time I've plugged in a memory stick, and I was surprised to see it automatically pop up on my Mac as a network drive called DIR-645 without me having to do anything. I think I already installed the SharePoint Plus utility that must have done that for me.  ;D

Now just copy the files to the memory stick:
  cp /var/UPDATERESOLV* /var/tmp/storage/SanDisk_Cruzer_A1071

Then open them on my Mac using XCode (free in the AppStore) and edit them.

First change the path in the UPDATERESOLV.sh script from /etc/events/UPDATERESOLV.php to /var/UPDATERESOLV.php.
Then make the changes in the php file itself. Odd cut down version of PHP - it does not allow things like parenthesis in an if statement to group logical operators...

Then copy the files back to /var and run it again until all is working as it should.
  cp /var/tmp/storage/SanDisk_Cruzer_A1071/UPDATERESOLV* /var
  /var/UPDATERESOLV.sh

Of course when the connection is restarted the original scripts run and not my version. To replace those read-only files I have to now build a new firmware.bin file (by editing the same file there) and upgrade the router. I'll have time on the weekend to do that. How? Just Google firmware-mod-kit and you will find all the info and tools described there (one has to use the newer version of the scripts with -ng in the name).
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 24, 2013, 06:44:48 AM
I think this could be ok since you are actually trying to fix something rather than trying to modify something that isn't broke persae. I think we'll call this a Modification.

Users will need to be aware that DLink will not officially support this and it's at Users own risk in attempting this modification and could void warranties.

I think the risk is fairly low and the modification to help clear up this DNS issue that seems to be with the DIR-645 and on your particular ISP.

Thank for sharing and hope this might help others with this condition.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 31, 2013, 01:05:26 AM
Well I started up a new DIR-645 with the factory-shipped f/w 1.01, and let the wizard try configure it. It then tried to "detect internet settings" which I eventually had to cancel, and manually set to L2TP. Once connected it inserted the ppp DNS entries in resolv.conf followed by the ipv4 (dhcp) DNS, so DNS was working correctly and NTP succeeded, as did the DDNS update.

However as soon as the L2TP connection is reset or the router is rebooted, the order of the DNS entries switches round again to ipv4 first, followed by ppp, so DNS stops working.

Then I saw another strange bug, that happened the last time I connected a new router for the first time, and seems to get into an endless L2TP connect/disconnect loop, during which time only the correct ppp DNS entries are put into resolv.conf and not the ipv4 entries, but there is no internet connectivity. I think I'll describe this problem in more detail in a new thread (by this point I'd upgraded to 1.03 b11).

I also noticed some glitches in the wizard after the upgrade.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 31, 2013, 07:20:47 AM
Are you still thinking of changing from L2TP to DHCP?
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on January 31, 2013, 10:37:51 AM
Yes, I forgot to call them today - too caught up in work...
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on January 31, 2013, 10:54:39 AM
I'm hoping moving to DHCP will help resolve this as I presume this is a bug with the FW when using L2TP.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on February 02, 2013, 08:54:20 AM
I just successfully flashed my DIR-645 with a modified version of 1.03b11 and the DNS problems are fixed for L2TP! The new fix is a little different to what I tried before - I now add all DNS entries just as in the original f/w, but I ensure that PPP entries always come before DHCP entries so they have priority!
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on February 02, 2013, 09:46:07 AM
Awesome man. Keep us posted on how it works and if you still swtich to DHCP ISP.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on February 04, 2013, 01:08:36 PM
Since flashing my modified f/w, the router has been working perfectly for 2 1/2 days now. NTP, Dynamic DNS, all working flawlessly.

However tonight my ISP and the cable company upped me from 12/1Mb to 30/1.5Mb which meant they changed the connection from using L2TP to straight DHCP (based on the MAC of the modem).

So now I'm using DHCP and getting the correct DNS servers via the response. Everything still working great.

I'm just wondering about the speeds now (this should probably be under a new topic). From the modem I get 30Mb/s, and via the router LAN I get 30 too, but via WiFi I only get 15Mb/s. (I also have a LAN connection via a DLink DNP-308AV mains cable network extender and that gives me only 10Mb/s (with a red light indicating a poor mains connection at present).) Any idea how fast the WiFi should be?
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on February 04, 2013, 01:12:08 PM
Awesome. I think we could call this one resolved huh?  ::)
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on February 04, 2013, 01:20:41 PM
Yes definitely resolved (providing users are prepared to flash a custom f/w :) ).
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on February 05, 2013, 07:23:56 AM
Does this not work with out using custom FW or does the FW still need to be modified if you using DHCP ISP services?
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: ambercap on February 05, 2013, 08:45:57 AM
If using just DHCP then the router only receives the correct DNS via DHCP and custon f/w is NOT required.

If using L2TP with Dynamic IP (ie. on top of DHCP) then the custom f/w is needed to fix the DNS entries.
Title: Re: DIR-645 unable to resolve names via DNS (DNS is working OK on internal network)
Post by: FurryNutz on February 05, 2013, 08:49:21 AM
Awesome.

Thanks for the info man. Hope DHCP and the 645 work well for you now.