hello /g/entlefolk
I have been having sporadic, what I believe to be DNS related issues on my network.
90% of requests will work fine regardless, but when the issues start it's only a handful of odd websites that won't resolve until I do a router reboot.
for steam it's been happening daily after a while, the store page will stop loading, downloads stop working, and steam controller settings are lost.
I'm running pi-hole on a connected debian box which forwards to pic related which is running openWRT with a DNS resolver w/DNSSEC.
the router is configured to ignore ISP DNS servers (will NOT use these due to recent privacy rules) and use OpenDNS as options 1,2 and google DNS as options 3,4. resolving is noticeably slower going through all these hoops, but I like the piece of mind.
I know it's not pi-hole because it works after a router reboot, and I've tried ipconfig /flushdns on my desktop when it happens which does nothing, so I'm thinking it might be DNSSEC related or some issue with a DNS cache in openWRT?
any ideas?
>>60002941
OpenDNS sounds like a cool idea, but it is almost always s-l-o-w
Go to grc.com and d/l a copy of DNSBench
Have as little as possible using your network throughout the rest of this procedure procedure
Run DNSBench and click the Nameservers tab
Click Add/Remove
At the end of the list that appears, click Build Custom Nameserver List
Note that it will take 37 minutes to complete
Click Build Custom List
When it completes, back out to the Nameservers tab and click Add/Remove again
Near the bottom of the list, click Remove Dead Nameservers, then Remove Redirecting Servers and finally Save Nameservers to .INI File.
Use this .INI file to load your Custom Nameserver List if/when you want to run DNSBench again.
Click close and then click Run Benchmark. This will only take about 5 minutes to run.
When it finishes, you'll have a list of the fastest DNS servers near you. The first one will be your
router, so plug your pi-hole with the IP addresses from 2nd through 5th entries.
g/l
>>60003795
thanks anon, building my list now
>>60002941
so try changing your DNS and see if the problem persists
>>60003907
I narrowed it down to the router. when I add openDNS to the desktop as an additional DNS steam starts working again. maybe steam's domain names aren't working with DNSSEC?
>>60002941
Put the stock firmware back on it, openwrt is a buggy pile of shit.
>>60003945
turris uses a custom OS so stock firmware is openWRT
>>60003967
Oh jesus, sorry.
>>60003934
it's definitely a DNSSEC issue, disabling that clears the issue
looks like I found the problem
https://dnssec-name-and-shame.com/domain/steampowered.com
>>60003945
>>60003967
>>60003999
do NOT listen to systemd shills
>>60003999
shocking news: lame ass trip keeps being wrong