Internal DNS Client resolves with TCP, but Win7 will not resolve

[GChester]

I have added our local IP 127.0.0.1 and even tried the direct IP and Windows will not resolve the DNS.

It will resolve using your internal DNS client test for UDP only.

I am using the Windows Version.

PS. Great software by the way. Exactly what we need for dev environment.

[ShreyasZare]

Hi,

Thanks for the compliments! Please take a screenshot of the network adapter which shows the DNS server config and send it to support@technitium.com. Based on the data I can provide you diagnosis to fix the issue.

Regards, Shreyas Zare

[GChester]

I never heard back on this issue but it seems to have resolved itself. Probably some windows cache stuck in the OS.

Thanks for your help.

[GChester]

@ShreyasZare , I still seem to be having a problem with this issue. When I use the built-in DNS client feature to test DNS, it resolves using TCP but not UDP?

I will send you a new screenshot of the adapter settings screen in the hopes you can help.

Getting this working would be so helpful but for the past 1.5 months I have not been able to get it working stable in a Win7 evnvironment.

Thanks

[GChester]

@ShreyasZare tried to send email to support@technitium.com and it got returned

[ShreyasZare]

@GChester Thanks for the feedback. Please check what was the reason for the email getting bounced. Do check if there was any typo in the email address. You can also post the images on any public image sharing website and give links here.

Do send screenshot of the built-in DNS Client interface too so that I know what parameters you have used and what error you see.

[GChester]

UPDATED: I sent the wrong video that only recorded the browser tab. I am sending an updated video to your email with the entire desktop so you can see the network settings are other windows outside the browser.

Hey Buddy thanks for reaching out. I think the email problem was on our side. Sorry for the trouble.

Here is a video of the problems.

(OLD VIDEO WAS HERE)

Thanks for your help.

Austin

On 2018-07-23 11:36, Shreyas Zare wrote:

@GChester [1] Thanks for the feedback. Please check what was the reason for the email getting bounced. Do check if there was any typo in the email address. You can also post the images on any public image sharing website and give links here.

Do send screenshot of the built-in DNS Client interface too so that I know what parameters you have used and what error you see.

-- You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub [2], or mute the thread [3].

Links:

[1] https://github.com/GChester [2] https://github.com/TechnitiumSoftware/DnsServer/issues/6#issuecomment-407027646 [3] https://github.com/notifications/unsubscribe-auth/ADPRXd71dFUHDjBA9InPTuA7aBxdviOXks5uJbVEgaJpZM4Uf1-8

[GChester]

@ShreyasZare Following up to make sure you got the email and video?

[ShreyasZare]

@GChester: I had replied to your email support@your***ds.com yesterday. Do check and let me know.

[ShreyasZare]

@GChester : I got your email. It seems the earlier email reply I sent didnt go through your email server. Anyways, I am pasting the email reply here:

Hi,

Thanks for the detailed video. This seems to be strange issue. I have tested the app on Windows 7, Windows 8, Windows 10, and even Ubuntu Linux and it works well.

I have a few suggestions that you can do to debug this issue:

• Check to confirm if the server is running on UDP port 53 using following command: netstat -ano | find ":53 "

  You should see output like this:

TCP 0.0.0.0:53 0.0.0.0:0 LISTENING 3028 TCP [::]:53 [::]:0 LISTENING 3028 UDP 0.0.0.0:53 : 3028 UDP [::]:53 : 3028

This should confirm its running for all ports on TCP & UDP.

• In your network config, use only 127.0.0.1 as DNS and remove the second DNS that you have. This is since the OS may query to the secondary DNS sometimes in parallel to the primary DNS and any reply it gets from secondary DNS will get cached into the OS's DNS cache. Once its in cache, you will get the same response every time until the cache expires. You can manually clear the cache by ipconfig /flushdns command. Do clear cache manually once before you start the tests just to be sure.

• Try querying the DNS server using the nslookup command which is a DNS client built into Windows. Enter this command and see if you get response shown below: nslookup beta-roofing.net.stag

  nslookup beta-roofing.net.stag Server: localhost Address: 127.0.0.1

  Name: beta-roofing.net.stag Address: 127.0.0.1

• I would also recommend to edit the firewall entry that you have. Instead of allowing any protocol, specify UDP port 53 & TCP port 53 and remove the specific application path given in Programs & Services Tab. This will allow any TCP or UDP port 53 query regardless of which app is handling them.

• You can also enable "Log All Queries" option from the DNS Server settings and check the logs to see if the server is receiving any queries and if there are any errors. If you see any errors, do send them so that I can test and fix it.

Try these things once and let me know how it goes.

Regards, Shreyas Zare

[GChester]

@ShreyasZare Yes, after checking all your tips and tricks I still do not have any results.

I am not sure how to proceed...

[ShreyasZare]

@GChester its totally strange thing going on with the setup. Since, loopback is never blocked and any locally running app is able to connect to the loopback, it seems this is something that is specific to the current computer. Can you try this same setup on some other computer or virtual machine and check once?

[GChester]

@ShreyasZare Thanks for all your help. After finding some time to really get my hands dirty and debug, I found that CCProxy was capturing the UDP DNS.

Once I configured it started working so I wanted to update to help others.

Just so other know, I used the netstat command to debug and found the program that was using port 53.

netstat -ab-p udp

Thanks for all your help bro!

[ShreyasZare]

You're welcome. Glad to know it worked.

[peterseale-tethr-com]

Am I crazy and misunderstanding Windows, or will this not work out-of-the-box?

I had to add 127.0.0.1 in settings so DNS would work at all against IPv4. Maybe it goes IPv6 by default, and that's how everyone's limping along? I have IPv6 disabled.

This configuration works for me:

0.0.0.0
127.0.0.1
::

netstat -a output below:

  TCP    0.0.0.0:53             0.0.0.0:0              LISTENING       36412
  TCP    127.0.0.1:53           0.0.0.0:0              LISTENING       36412
  TCP    [::]:53                [::]:0                 LISTENING       36412
  UDP    0.0.0.0:53             *:*                                    7492
  UDP    127.0.0.1:53           *:*                                    36412
  UDP    [::]:53                *:*                                    36412

Edit: I've made a quick pull request to make this so by default. I've also semi-confirmed that this happens to me because I have indeed disabled IPv6. Pull request: https://github.com/TechnitiumSoftware/DnsServer/pull/100

[ShreyasZare]

Thanks for the details. The issue that you have is some other application is listening on UDP "0.0.0.0:53" and thus the DNS Server is unable to bind to this address. You can check the DNS server logs and you will find error which will indicate that the server failed to bind to the specific address & port.

Just check the nslookup output that you posted:

  TCP    0.0.0.0:53             0.0.0.0:0              LISTENING       36412
  TCP    127.0.0.1:53           0.0.0.0:0              LISTENING       36412
  TCP    [::]:53                [::]:0                 LISTENING       36412
  UDP    0.0.0.0:53             *:*                                    7492
  UDP    127.0.0.1:53           *:*                                    36412
  UDP    [::]:53                *:*                                    36412

The last column in the output is process Id and you can see that process Id for UDP "0.0.0.0:53" is different that the other ports. You can check Task Manager or use tasklist command and find out which process it is to figure out which service you have installed that you need to stop.

Once you identify this process and stop it, just restart the DNS Server and you will have everything working just fine without requiring to add "127.0.0.1" in the settings.

Even if you don't use ipv6, your Windows OS supports ipv6 natively and your network adapter will have that protocol installed. If you have ipv6 disabled for one network adapter, it will be still working with other network adapters like the internal loopback adapter.