I have started studying the hosts file and how it can be used to redirect unwanted traffic (like ads and tracking stuff) to the 0.0.0.0 IP address. I started trying to manually edit the hosts file to accomplish this, but quickly realized someone must have already done it. I ended up finding hosts files online that have enormous lists of ad addresses, which I began using sporadically. Then I bumped into DNS servers like AdGuard, and decided to give them a shot. First I used it directly in resolv.conf, but my network manager would override it eventually. I was also interested in blocking ads for my entire home network, so I snooped around a little and realized I could change DNS at router level, so I did.
This was yesterday night, and it worked perfectly. I changed my DNS server to AdGuard's primary and secondary ones, and I had to change nothing on my devices for it to work. I noticed, however, that my Android phone did not inherit the router's DNS server, for some weird reason. I know this isn't the proper place to ask about Android, but I use my Android as a reference to check if I f*cked up my Arch network, since I don't have Windows or another GNU/Linux distro installed, so please bear with me. Anyway, I was okay with that, I went to sleep, and today I woke up to find none of my devices have a working internet connection. I noticed that there was a major outage on AdGuard's servers during the night, so I guess this could have been the root cause of the internet connection problem. All my router lights were looking fine.
At this point, I decided to use a different backup DNS server, so I picked OpenDNS. It did not seem to have any effect, as my network was still down. However, my phone went back to working properly after rebooting the router and checking that the DNS server changes were persistent. My resolv.conf exactly matches my router settings:
# Generated by resolvconf
nameserver 176.103.130.130
nameserver 208.67.222.222
I'm currently using netctl as my network manager, with dhcpcd installed (but not enabled) and wpa_supplicant installed. I also have nftables and bind for security measures. Here is my systemctl --type=service output:
UNIT LOAD ACTIVE SUB DESCRIPTION
dbus.service loaded active running D-Bus System Message Bus
getty@tty1.service loaded active running Getty on tty1
kmod-static-nodes.service loaded active exited Create list of static device nodes for the current kernel
lvm2-lvmetad.service loaded active running LVM2 metadata daemon
lvm2-monitor.service loaded active exited Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling
named.service loaded active running Internet domain name server
netctl@moto\x2dg4.service loaded active exited Networking for netctl profile moto-g4
nftables.service loaded active exited Netfilter Tables
ntpd.service loaded active running Network Time Service
polkit.service loaded active running Authorization Manager
postgresql.service loaded active running PostgreSQL database server
rtkit-daemon.service loaded active running RealtimeKit Scheduling Policy Service
systemd-backlight@backlight:intel_backlight.service loaded active exited Load/Save Screen Backlight Brightness of backlight:intel_backlight
systemd-fsck@dev-disk-by\x2duuid-4B98\x2d9FB1.service loaded active exited File System Check on /dev/disk/by-uuid/4B98-9FB1
systemd-journal-flush.service loaded active exited Flush Journal to Persistent Storage
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running Login Service
systemd-random-seed.service loaded active exited Load/Save Random Seed
systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems
systemd-sysctl.service loaded active exited Apply Kernel Variables
systemd-timesyncd.service loaded active running Network Time Synchronization
systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev
systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories
systemd-udev-trigger.service loaded active exited udev Coldplug all Devices
systemd-udevd.service loaded active running udev Kernel Device Manager
systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown
systemd-user-sessions.service loaded active exited Permit User Sessions
upower.service loaded active running Daemon for power management
user-runtime-dir@1000.service loaded active exited User Runtime Directory /run/user/1000
user@1000.service loaded active running User Manager for UID 1000
wpa_supplicant.service loaded active running WPA supplicant
And this is the output of my home network profile:
Description='Automatically generated profile by wifi-menu'
Interface=wlp1s0
Connection=wireless
Security=wpa
ESSID=CasterlyRock
IP=dhcp
Key=\"4505ab467eb0d174faeb331ca70a2f2742f4f8531487a4c99fb7cde6432456fd
Although it says Security=wpa, the router is actually configured to accept only WPA2. I don't know if that's an issue.
Also, the weird thing is, if I directly ping an IP, I still get no response:
[felipe@inspiron5566 ~] ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 186.206.144.24 icmp_seq=1 Destination Host Unreachable
From 186.206.144.24 icmp_seq=2 Destination Host Unreachable
From 186.206.144.24 icmp_seq=3 Destination Host Unreachable
From 186.206.144.24 icmp_seq=4 Destination Host Unreachable
From 186.206.144.24 icmp_seq=5 Destination Host Unreachable
From 186.206.144.24 icmp_seq=6 Destination Host Unreachable
^C
--- 8.8.8.8 ping statistics ---
7 packets transmitted, 0 received, +6 errors, 100% packet loss, time 6055ms
pipe 3
Shouldn't I still be able to ping 8.8.8.8 if the problem was with the DNS server?
Last edited by beardoof (2020-05-28 19:05:14)
Yeah, somebody has done that.
http://winhelp2002.mvps.org/
http://winhelp2002.mvps.org/hosts.txt
However, the inability to ping an IP does not relate to DNS at all.
Outputs of
ip a; ip r
?
Can you ping your router IP?
Can you log into your router?
Can you initiate a ping from the router? (some provide such service or have an outright telnet login w/ a shredded linux installation below)
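Both posts above deal with downloading a ready-made hosts blocklist. Such a list is untrusted input: besides the expected `0.0.0.0 <domain>` sinkhole lines, a tampered copy could carry an entry that points a real domain at some other address. The script below is an added Python example, not code from the thread or from the MVPS project; it accepts only sinkhole entries with syntactically valid hostnames, rejects everything else, and writes the result as a marked block into an existing hosts file so it can be re-run safely. The sample blocklist and the `example.*` names are constructed.

```python
"""Merge a downloaded hosts-format blocklist into a hosts file.

Added example: only sinkhole entries (0.0.0.0 / 127.0.0.1 / ::1) with valid
hostnames are accepted, so a tampered or typo-ridden list cannot point a real
domain at some other address. Sample data below is constructed.
"""
from __future__ import annotations

import re

SINKHOLES = {"0.0.0.0", "127.0.0.1", "::", "::1"}
# Names that belong to the local hosts file itself, not to a blocklist.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "local", "broadcasthost",
               "ip6-localhost", "ip6-loopback"}
# One RFC 1123 label: alphanumerics and hyphens, no leading/trailing hyphen, 1-63 chars.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
HOSTNAME_RE = re.compile(rf"^(?:{_LABEL}\.)*{_LABEL}$")
BLOCK_START = "# BEGIN adblock (generated)"
BLOCK_END = "# END adblock (generated)"


def parse_blocklist(text: str) -> tuple[set[str], list[str]]:
    """Return (accepted hostnames, rejected raw lines).

    A line is kept only if it reads '<sinkhole-ip> <hostname> [<hostname>...]'
    and every hostname is syntactically valid. Anything else is rejected: an
    entry such as '198.51.100.7 bank.example.com' is exactly how a malicious
    list would hijack a domain, so it must never reach /etc/hosts.
    """
    accepted: set[str] = set()
    rejected: list[str] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments and whitespace
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2 or parts[0] not in SINKHOLES:
            rejected.append(raw)
            continue
        names = [n.lower().rstrip(".") for n in parts[1:]]
        if not all(len(n) <= 253 and HOSTNAME_RE.match(n) for n in names):
            rejected.append(raw)
            continue
        accepted.update(n for n in names if n not in LOCAL_NAMES)
    return accepted, rejected


def render_hosts(base: str, names: set[str], sinkhole: str = "0.0.0.0") -> str:
    """Return `base` with a marked block of sinkhole entries appended.

    A block written by an earlier run is replaced, so re-running with an
    updated list never duplicates entries or touches the user's own lines.
    """
    lines = base.splitlines()
    if BLOCK_START in lines and BLOCK_END in lines:
        i, j = lines.index(BLOCK_START), lines.index(BLOCK_END)
        lines = lines[:i] + lines[j + 1:]
    block = [BLOCK_START] + [f"{sinkhole} {n}" for n in sorted(names)] + [BLOCK_END]
    return "\n".join(lines + block) + "\n"


# Constructed sample blocklist (not a real list) exercising each case.
SAMPLE_BLOCKLIST = """\
# comment line
127.0.0.1 localhost
0.0.0.0 ads.example.com            # trailing comment is fine
0.0.0.0 tracker.example.net pixel.example.net
198.51.100.7 bank.example.com      # hijack attempt: rejected
0.0.0.0 -bad-.example.com          # malformed label: rejected
0.0.0.0 WWW.Example.ORG.           # normalised to lower case, no trailing dot
"""

if __name__ == "__main__":
    import sys

    good, bad = parse_blocklist(SAMPLE_BLOCKLIST)
    for line in bad:
        print("rejected:", line, file=sys.stderr)
    # Real use: base = open("/etc/hosts").read(); write the result back as root.
    print(render_hosts("127.0.0.1 localhost\n", good), end="")
```

Run it once to see the two rejected lines on stderr and the generated block on stdout; for real use, read `/etc/hosts` as the base and write the result back, keeping the marked block so the next run replaces rather than appends.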
You should probably post your internal network IP address space and the internal address of the router.
Also, the results of..
$ ip addr
$ ip route
from a couple of clients.
Also, check the router dhcp configuration that it is handing out the right info.
Edit: Drat!
Edit1: traceroute would be a handy utility to have; that power outage could be with your ISP.
Last edited by Zod (2020-05-28 17:25:28)
Output of ip address:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 84:7b:eb:fd:e0:14 brd ff:ff:ff:ff:ff:ff
3: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 54:13:79:fd:0d:69 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.21/24 brd 192.168.0.255 scope global dynamic noprefixroute wlp1s0
valid_lft 86362sec preferred_lft 75562sec
inet6 2804:14c:5be0:8434:5613:79ff:fefd:d69/64 scope global dynamic mngtmpaddr
valid_lft 86395sec preferred_lft 71995sec
inet6 fe80::5613:79ff:fefd:d69/64 scope link
valid_lft forever preferred_lft forever
Output of ip route:
default via 192.168.0.1 dev wlp1s0 proto dhcp src 192.168.0.21 metric 303
192.168.0.0/24 dev wlp1s0 proto dhcp scope link src 192.168.0.21 metric 303
Can you ping your router IP?
Yes, I can.
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=11.9 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=4.61 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=64 time=4.70 ms
64 bytes from 192.168.0.1: icmp_seq=4 ttl=64 time=76.7 ms
^C
--- 192.168.0.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 4.610/24.473/76.706/30.300 ms
Can you log into your router?
From my wi-fi, no, because I specifically told my router to accept only wired connections to log in to the admin interface. From a wired connection, yes, I can, on 192.168.0.1.
Can you initiate a ping from the router? (some provide such service or have an outright telnet login w/ a shredded linux installation below)
I didn't know I could, but I can. I pinged 8.8.8.8 from inside the router admin interface and all the requests timed out.
You should probably post your internal network IP address space
I'm not sure this is what you're talking about, but the LAN/DHCP server page of my router admin config says this:
IP WAN address: 186.206.144.24
WAN subnet mask: 255.255.240.0
WAN gateway IP address: 186.206.144.1
Primary DNS: 176.103.130.130
Secondary DNS: 208.67.222.222
3rd DNS: 0.0.0.0
EDIT: replying to Zod's edit
Edit1: traceroute would be a handy utility to have, that power outage could be with your ISP.
Thanks for the tip. I installed it; here's the output (which I don't understand; what's with the "!H"s?):
[felipe@inspiron5566 ~] traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 _gateway (192.168.0.1) 4.740 ms 8.888 ms 8.877 ms
2 186.206.144.24 (186.206.144.24) 1313.176 ms !H 1313.163 ms !H 1313.142 ms
I think it's also worth mentioning that yesterday I did a factory reset on my router. Snooping around, I realized that it appears to have a static IP instead of automatically fetching one. I'm pretty sure, this being a personal connection, that it shouldn't be like this. I just thought that the factory settings would default to auto IP, but apparently they don't? Is it possible that I can't use the IP I was using last night and I need to configure it to automatically fetch IPs? The admin interface is really terrible - it tries to be user friendly but it ends up being just confusing and malfunctioning, so I'm a bit afraid of changing settings I'm not comfortable with.
EDIT 2: No matter what the problem is, why is it that my phone can connect to my wi-fi, but my pc running arch cannot? I also noticed that not all domain names are accessible through my phone. I can't reach reddit, for example, via wi-fi, but I can do it through my mobile connection.
Last edited by beardoof (2020-05-28 17:59:31)
Well, that would explain this:
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 186.206.144.24 icmp_seq=1 Destination Host Unreachable
That's the external interface of your router saying there is no next hop.
This guy is either down or does not exist:
WAN gateway IP address: 186.206.144.1
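Zod's reading rests on one detail that is easy to miss: in a `From <addr> ... Destination Host Unreachable` line, `<addr>` is the device that emitted the ICMP error, not the ping target, so it names the hop that gave up. The following added Python example (not code from the thread) makes that reading mechanical: it classifies a ping transcript by the error sender's position in the path (this host, the router's LAN side, the router's WAN side, or further upstream) and pulls the last answering hop and its `!H`-style annotation out of traceroute output. The `WAN_FAIL` and `TRACE` transcripts are the ones beardoof posted above, with the host's 192.168.0.21 and the router's LAN 192.168.0.1 / WAN 186.206.144.24 taken from the same posts; the short `LOCAL_FAIL` transcript and its 10.0.0.5 target are constructed.

```python
"""Read ping/traceroute transcripts the way a network engineer does.

Added example. The source address of a 'Destination Host Unreachable' line is
the hop that emitted the ICMP error, not the target, so it tells you which
device gave up. WAN_FAIL and TRACE are the transcripts from the thread; the
LOCAL_FAIL transcript and the 10.0.0.5 target are constructed.
"""
from __future__ import annotations

import re
from collections import Counter

PING_REPLY = re.compile(r"^\d+ bytes from (\S+): icmp_seq=\d+ ttl=\d+")
PING_ERROR = re.compile(r"^From (\S+) icmp_seq=\d+ (.+)$")
# traceroute hop line: '<n>  <name-or-ip> (<ip>)  <rtt> ms [!X] ...'
TRACE_HOP = re.compile(r"^\s*(\d+)\s+(\S+)\s+\(([\d.]+)\)")
# traceroute(8) annotations printed after the round-trip time.
ANNOTATIONS = {"!H": "host unreachable", "!N": "network unreachable",
               "!P": "protocol unreachable",
               "!X": "communication administratively prohibited"}


def classify_ping(output: str, self_ip: str, gw_lan: str,
                  gw_wan: str | None = None) -> str:
    """Say which layer failed, judged by who sent the ICMP errors."""
    replies = 0
    senders: list[str] = []
    for line in output.splitlines():
        if PING_REPLY.match(line):
            replies += 1
            continue
        m = PING_ERROR.match(line)
        if m:
            senders.append(m.group(1))
    if replies:
        return "ok: target answered"
    if not senders:
        return "silent: no replies and no ICMP errors (packets filtered or link down)"
    src = Counter(senders).most_common(1)[0][0]
    if src == self_ip:
        return f"local: {src} is this host; no route or no ARP answer for the next hop"
    if src == gw_lan:
        return f"router-lan: {src} has no route for the target"
    if gw_wan and src == gw_wan:
        return f"router-wan: {src} has no upstream next hop; WAN/ISP problem, not DNS"
    return f"upstream: {src} reported unreachable; fault is beyond your router"


def last_reporting_hop(trace: str) -> tuple[int, str, str | None]:
    """Return (hop number, address, annotation meaning) of the last hop that answered."""
    result: tuple[int, str, str | None] = (0, "", None)
    for line in trace.splitlines():
        m = TRACE_HOP.match(line)
        if not m:
            continue  # header line or a '* * *' timeout hop
        ann = re.search(r"![HNPX]", line)
        result = (int(m.group(1)), m.group(3),
                  ANNOTATIONS[ann.group(0)] if ann else None)
    return result


# Transcripts posted in the thread (ping 8.8.8.8 and traceroute 8.8.8.8).
WAN_FAIL = """\
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 186.206.144.24 icmp_seq=1 Destination Host Unreachable
From 186.206.144.24 icmp_seq=2 Destination Host Unreachable
From 186.206.144.24 icmp_seq=3 Destination Host Unreachable
"""
TRACE = """\
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  _gateway (192.168.0.1)  4.740 ms  8.888 ms  8.877 ms
 2  186.206.144.24 (186.206.144.24)  1313.176 ms !H  1313.163 ms !H  1313.142 ms
"""
# Constructed: the host itself gives up (e.g. no ARP reply for the gateway).
LOCAL_FAIL = """\
PING 10.0.0.5 (10.0.0.5) 56(84) bytes of data.
From 192.168.0.21 icmp_seq=1 Destination Host Unreachable
From 192.168.0.21 icmp_seq=2 Destination Host Unreachable
"""

if __name__ == "__main__":
    print(classify_ping(WAN_FAIL, "192.168.0.21", "192.168.0.1", "186.206.144.24"))
    print(classify_ping(LOCAL_FAIL, "192.168.0.21", "192.168.0.1"))
    hop, addr, why = last_reporting_hop(TRACE)
    print(f"traceroute stopped at hop {hop} ({addr}): {why}")
```

For the thread's transcript this reports `router-wan`, which is the same conclusion Zod reached by eye: the error comes from the router's own WAN address, so the fault is between the router and the ISP, and no change to nameservers could have caused or fixed it.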
Yep, you guys were right. This wasn't a DNS problem; my router was trying to use an IP it no longer had access to. Turning on auto-fetch IP solved the problem. However, it overrides my DNS config when it's on dynamic IP. If I turn on AdGuard / OpenDNS again, it overrides the dynamic IP and makes it static again, which would force me to renew my IP every 20h... So I guess I can't really set up a custom DNS at router level. I'm curious: is this standard behavior, or is it specific to my router?
I suppose I'll try one of the tricks to write-protect resolv.conf on my arch install and settle for that.
You don't have to protect resolv.conf, nor should you.
man resolvconf.conf # sic!
but essentially add your preferred name_servers to /etc/resolvconf.conf
So I guess I can't really set up a custom DNS on my router level. I'm curious: is this standard behavior, or is it specific to my router?
With a sample size of N=1, I can - but ISP-issued routers do all sorts of crap :-(
what's with the "!H"s?
After the trip time, some additional annotation can be printed: !H, !N, or !P (host, network or protocol unreachable)
is this standard behavior, or is it specific to my router?
My TP-Link router maintains user specified nameservers even with DHCP enabled.
I suppose I'll try one of the tricks to write-protect resolv.conf on my arch install and settle for that.
ISP issued routers do all sorts of crap :-(
Yeah, my ISP is painful. I can't even use the router I bought myself (I used to use it for bridging a few years ago), because the data cable is proprietary (?) and does not fit into regular routers. The router I bought has a much clearer and more honest admin interface. The ISP router doesn't even have a secure connection to 192.168.0.1, which is why I decided to limit access to wireless-only. All firewall, port, IP and MAC rules are super simplistic and limited, too. It also resets my connection to the admin interface really often. It's really terrible.
man traceroute wrote: After the trip time, some additional annotation can be printed: !H, !N, or !P (host, network or protocol unreachable)
Thank you
My TP-Link router maintains user specified nameservers even with DHCP enabled.
Thanks for the feedback!
You don't have to protect resolv.conf, nor should you.
man resolvconf.conf # sic!
but essentially add your preferred name_servers to /etc/resolvconf.conf
Thanks for warning me! I might need to do some extra config because I have BIND installed, but I think I can handle this on my own now (with help from the amazing wiki, of course).
Thank you to everyone who helped me with this issue, I have learned a lot of new tools thanks to you @seth @Zod and @Head_on_a_Stick. I've marked this topic as solved.