Open jsha opened 10 years ago
I took a packet capture and viewed it in Wireshark. On the left is a failed request from the OpenWireless public network (also repros on the private network). On the right is a successful request from the upstream network. The only difference between the two is that the flag 'Truncated: Message is truncated' is set on the failed request. Which is odd since both responses are the same length.
Since this is a DNS-layer problem, I'm leaning towards the idea that it might be an issue in dnsmasq. Still not sure.
This looks like it might be relevant: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2009q2/002962.html
Would it be possible to switch to Unbound instead of dnsmasq? The DNSSec validation would be a great addition to the platform.
Steps to reproduce:
It's strange that only mozilla.org fails to resolve. And if you log on to the router, they resolve successfully. Note that both mozilla.org and google.com have an AAAA (IPv6) response in addition to the A (IPv4) response, so that's not a factor:
The next step to debug would probably be to take a packet capture of the nslookup using e.g. Wireshark. If you take a capture of the lookup on a non-OpenWireless network as well you should be able to see the difference between success and failure.