Once every few days, all machines on the network get DNS timeouts - but the WAN (WAN2, 100Mb Virgin Media cable) is still live and sites can be accessed by IP address.

I thought it might be the Draytek 2920 messing up its DNS caching, but I changed one machine to use OpenDNS and it had the problem too. Also with Google DNS. I can ping it:

Code:

>ping 8.8.8.8 Pinging 8.8.8.8 with 32 bytes of data: Reply from 8.8.8.8: bytes=32 time=27ms TTL=52 Reply from 8.8.8.8: bytes=32 time=21ms TTL=52 Reply from 8.8.8.8: bytes=32 time=41ms TTL=52 Ping statistics for 8.8.8.8: Packets: Sent = 3, Received = 3, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 21ms, Maximum = 41ms, Average = 29ms

and yet ...

Code:

C:\Users\both>nslookup www.aaisp.net 8.8.8.8 DNS request timed out. timeout was 2 seconds. Server: UnKnown Address: 8.8.8.8 DNS request timed out. timeout was 2 seconds.

Any thoughts on this?

Hi,

I had this same problem with a 3200. I had Wan1 connected to Virgin Cable modem, and the same for Wan2. Have the ip addresses have been told to use Wan1, the other lot Wan2. It was working for a while, and then no-one can surf the net because the DNS fails - I can ping the Virgin DNS Servers, but they stop resolving URL's.

LAN - GENERAL SETUP - LAN1 - I forced a manual DNS setup using the server addresses below for OpenDNS.

DNS Server IP Address
Force DNS manual setting
Primary IP Address 156.154.70.1
Secondary IP Address 156.154.71.1

Since then, I have had no issues.

Hope this helps.

Matthew Clark, Bristol Computer Support Ltd.

Try the 3.3.7 firmware? I know that DNS forwarding is a bit not so great on the 2830 series so it's probably the same for the 2920 - I haven't got a 2920 to check with but I know that draytek have a beta firmware for the 2830 that fixes up the DNS forwarding.for my setup.

Hi All,

The dredded dns timeout returned! So even changing the DNS didn't work in the end.

I had already upgraded to 3.3.7 firmware, and the router is the 3200N.

Any further ideas would be great, as I have about 50 users trying to use this at weekends.

Matt Clark, Bristol Computer Support.

Check whether UDP flood defense is enabled under the Firewall - DoS defense section? That could do what you're describing if the UDP (DNS is UDP 53) goes over the threshold and the default of 150 packets per second is pretty low for a larger than average network.