I currently operate an all Mikrotik wireless network. Recently I started noticing issues when loading certain websites. I have isolated the problem and it is associated with the DNS server.
When a client asks for a dns resolution it first asks the CPE, the CPE then asks the server and the server in turn asks my ISP DNS server as a last resort.
The problem appears when loading yahoo, ebay, and various other websites (many of them are on hosted on the akemi network). You can ping, traceroute, and the dns does resolve, but the page will just load blank, partially load, or take very long times to load.
If I alter the CPE and tell it to go directly to my ISPs DNS servers the problem disappears.
Has anyone else had these issues?
I have altered the cache-max-ttl times to 1h on the main server.
-
-
MyThoughts
Member Candidate
- Posts: 218
- Joined:
Unfortunately the network is fairly large and we recently switch from PPPoE authentication to PPTP authentication on the CPE devices (went from bridged network to a routed one). This makes it take a very long time to switch over CPE equipment to different settings (PPTP client doesn't have any option to use peer DNS Servers like PPPoE, a flaw I found out too late after switching the network over).
You are correct in that if I use just my server's DNS (cpe tells DHCP client to go directly to my server instead of itself 1st), everything works. I was just trying to improve response and reduce unnecessary traffic on the wireless network by resolving as close to client as possible.
This is what I want to work (but is not):
DHCP Client ----> CPE DNS Server ---> Main DNS Server ---> ISP DNS
6h 1h
The time underneath is the max-cache-ttl I have tested at to no avail.
This is what does work (but not what I really want):
DHCP Client ---> Main DNS Server ---> ISP DNS
OR
DHCP Client ---> CPE DNS Server ---> ISP DNS
Like i mentioned earlier 90+% of websites work only very few don't.
For repeatability ebay and yahoo seem to have problems the most.
You are correct in that if I use just my server's DNS (cpe tells DHCP client to go directly to my server instead of itself 1st), everything works. I was just trying to improve response and reduce unnecessary traffic on the wireless network by resolving as close to client as possible.
This is what I want to work (but is not):
DHCP Client ----> CPE DNS Server ---> Main DNS Server ---> ISP DNS
6h 1h
The time underneath is the max-cache-ttl I have tested at to no avail.
This is what does work (but not what I really want):
DHCP Client ---> Main DNS Server ---> ISP DNS
OR
DHCP Client ---> CPE DNS Server ---> ISP DNS
Like i mentioned earlier 90+% of websites work only very few don't.
For repeatability ebay and yahoo seem to have problems the most.
-
-
MyThoughts
Member Candidate
- Posts: 218
- Joined:
This is not an MTU setting problem. I have already worked with MTU setting when getting hotmail to load correctly. I did test to see if this was related to MTU originally when the problem appeared.
I tried increments of 25 from 1200 to 1400, and increments of 10 from 1400 to 1500. It had no affect on these web sites. As I mentioned if I alter the dns server everything works. I was just trying to optimize preformance by resolving dns as close to customer as possible. I would still prefer the resolve at cpe then at my server then at ISP. BUT as this has not been working I switched everything to resolve at my server then my ISP until I find out why this doesn't work.
I tried increments of 25 from 1200 to 1400, and increments of 10 from 1400 to 1500. It had no affect on these web sites. As I mentioned if I alter the dns server everything works. I was just trying to optimize preformance by resolving dns as close to customer as possible. I would still prefer the resolve at cpe then at my server then at ISP. BUT as this has not been working I switched everything to resolve at my server then my ISP until I find out why this doesn't work.
I too have seen this problem, it is mostly showing up on Mac OSX 10.3/4 clients, but it sometimes effects PCs too.
These clients are connecting using PPPoE directly or using a router onto both ROS 2.8.19 or 2.9.28 access concentrators which makes me think it is something to do with the clients rather than the MikroTik router.
These clients are connecting using PPPoE directly or using a router onto both ROS 2.8.19 or 2.9.28 access concentrators which makes me think it is something to do with the clients rather than the MikroTik router.
we need the support output file when you have problems with the CNAME. Send the support output file to support@mikrotik.comYes we have this problem to. and to resolve it is to get a own DNS server.
The MT dns cant handel CNAME corectly and other problems.
i hope they update that code soon .
//Rickard
what is CNAME ?we need the support output file when you have problems with the CNAME. Send the support output file to support@mikrotik.comYes we have this problem to. and to resolve it is to get a own DNS server.
The MT dns cant handel CNAME corectly and other problems.
i hope they update that code soon .
//Rickard
Who is online
Users browsing this forum: No registered users and 8 guests