Strange DNS Problems

Solved
NunoFlora
Here to help

I have a DNS problem in a network of 500 users. Some devices connect to the Wi-Fi on one of the SSIDs, and after connecting OK they use Chrome, which tells them the DNS did not respond. I check the logs in Meraki and see "DNS server did not respond".

I'm using Google 8.8.8.8 and 8.8.4.4, but for some reason it gives me these errors. I can use a computer and ping 8.8.8.8 and 8.8.4.4 with no problem, but can't get DNS in Chrome or other web browsers.

alemabrahao
Kind of a big deal

Is the client IP assignment NAT mode or Bridge mode?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Inderdeep
Kind of a big deal

@NunoFlora: Check this thread

https://community.meraki.com/t5/Wireless-LAN/Weird-DNS-Issues/m-p/5352#M970

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com

PhilipDAth
Kind of a big deal

If you use nslookup, can you resolve a DNS name?

Chrome changed over to using DNS over HTTPS at some stage, so it may not be sending DNS queries as you think. I think it was optional initially and then became the default. You could try a test and disable DNS over HTTPS on one machine and see if that changes the problem.

https://pureinfotech.com/enable-dns-over-https-chrome/

Are you using any third-party filtering software, either for DNS or HTTPS?

MerryAki
Building a reputation

I would also mention DNS over TLS as a possible problem. Try to do a trace route and check for rules that block traffic to the DNS Server/s.

Another thing that might be required at some point is DNSSEC; give 9.9.9.9 a chance. (Cloudflare is of course a good one, too, but not in terms of security and threat defending.)

securingnimbu5
Here to help

@MerryAki I have to agree with you here.

My thoughts:

If he can ping successfully but can't visit web pages through browsers, then we know the issue lies with "host names not resolving".

I would capture the DNS traffic and find out where it's getting dropped. Then check the ACL to see if DNS traffic is allowed on port 53. Cheers!
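
Added example (not part of any post in this thread): a small Python probe that sends a hand-built DNS query to each resolver named in the thread over both UDP/53 and TCP/53, which separates "ping works" from "port 53 is answered". The test name `example.com` and the function names are assumptions; a timeout on port 53 while ICMP succeeds points to filtering or drops on the path rather than at the resolver.

```python
import secrets
import socket
import struct

def build_query(name, qtype=1):
    """Return (txid, wire bytes) for a recursive query (qtype 1 = A record)."""
    txid = secrets.randbits(16)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return txid, header + qname + struct.pack("!HH", qtype, 1)  # class IN

def parse_reply(data, txid):
    """Return (rcode, answer_count, truncated); raise ValueError on a bad reply."""
    if len(data) < 12:
        raise ValueError("short reply")
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # ID must match and QR bit must be set
        raise ValueError("not a response to our query")
    return flags & 0x000F, an, bool(flags & 0x0200)

def probe(server, name="example.com", timeout=3.0):
    """Query one resolver over UDP/53 and TCP/53 (name is an assumed test value)."""
    txid, query = build_query(name)
    results = {}
    for transport in ("udp", "tcp"):
        try:
            if transport == "udp":
                with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                    s.settimeout(timeout)
                    s.sendto(query, (server, 53))
                    data, _ = s.recvfrom(4096)
            else:
                with socket.create_connection((server, 53), timeout) as s, s.makefile("rb") as f:
                    s.sendall(struct.pack("!H", len(query)) + query)  # 2-byte length prefix
                    raw = f.read(2)
                    data = f.read(struct.unpack("!H", raw)[0]) if len(raw) == 2 else b""
            rcode, answers, tc = parse_reply(data, txid)
            results[transport] = f"rcode={rcode} answers={answers} truncated={tc}"
        except socket.timeout:
            results[transport] = "timeout (query or reply dropped on the path?)"
        except (OSError, ValueError) as exc:
            results[transport] = f"error: {exc}"
    return results

if __name__ == "__main__":
    for server in ("8.8.8.8", "8.8.4.4", "1.1.1.1"):  # resolvers named in the thread
        print(server, probe(server))
```

Run it from an affected client on the problem SSID and from a wired client; differing results between the two narrow the drop to the wireless path or its firewall rules.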

NunoFlora
Here to help

I still don't know what the problem is, but changed DNS to 1.1.1.1 and solved all the DNS problems.

MerryAki
Building a reputation

Or try preselecting Google or Cisco Umbrella DNS.

But yes, Cloudflare is performing better ✌️
