JimR External

Since: Feb 25, 2012 Posts: 4
Posted: Sat Feb 25, 2012 1:42 pm Post subject: Is my home network set up right? Archived from groups: comp>os>linux>networking
I'd like to validate that my home network is set up in an optimal
fashion, especially in how I am handling DNS. Some people recently have
suggested that DNS may be at fault for some intermittent errors that I see.

Here is how I am set up. The DNS set on the Linux machine may be
redundant, since I hope that my router provides DNS to the house.

ISP is cable. Don't like it, but there's no other choice if I want
reasonable speed. I own a Zoom cable modem.

Cisco wired/wireless router/access point. I added Static DNS in there
of 4.2.2.2 and 4.2.2.4 (I do not use my cable ISP's DNS since I have
heard bad reports).

Main desktop computer runs Mandriva Linux x86_64, ethernet connection to
router. Has gateway set up as the router's IP 192.168.1.1. Has DNS as
4.2.2.2 and 4.2.2.4.

Laptop1 runs Kubuntu Linux x86_64, wifi connection to router. Has
gateway of 192.168.1.1. /etc/resolve.conf has following:
domain hsdl.mycableisp.net <== suspicious to me!
search hsdl.mycableisp.net <== suspicious to me!
nameserver 192.168.1.1
nameserver 4.2.2.2
nameserver 4.2.2.4

Laptop2 runs Kubuntu Linux i686, wifi connection to router. Has gateway
of 192.168.1.1. /etc/resolve.conf has following:
domain hsdl.mycableisp.net <== suspicious to me!
search hsdl.mycableisp.net <== suspicious to me!
nameserver 192.168.1.1
nameserver 4.2.2.2
nameserver 4.2.2.4

Laptop3 runs Windows 7 64-bit. wifi connection to router. Has gateway of
192.168.1.1
Obtain DNS server address automatically is enabled

Aux desktop runs Windows XP 32-bit. wifi connection to router. Has
gateway of 192.168.1.1
Obtain DNS server address automatically is enabled

Stratosphere android smartphone, only set the wifi SSID, everything else
is automagic.

Thanks for any suggestions
JimR
Richard Kettlewell External

Since: Feb 19, 2005 Posts: 189
Posted: Sat Feb 25, 2012 3:10 pm Post subject: Re: Is my home network set up right?
JimR writes:
> I'd like to validate that my home network is set up in an optimal
> fashion, especially in how I am handling DNS. Some people recently
> have suggested that DNS may be at fault for some intermittent errors
> that I see.
>
> Here is how I am set up. The DNS set on the Linux machine may be
> redundant, since I hope that my router provides DNS to the house.
>
> ISP is cable. Don't like it, but there's no other choice if I want
> reasonable speed. I own a Zoom cable modem.
>
> Cisco wired/wireless router/access point. I added Static DNS in there
> of 4.2.2.2 and 4.2.2.4 (I do not use my cable ISP's DNS since I have
> heard bad reports).
Where did you get those numbers from?
--
http://www.greenend.org.uk/rjk/
JimR External

Since: Feb 25, 2012 Posts: 4
Posted: Sat Feb 25, 2012 3:10 pm Post subject: Re: Is my home network set up right?
On 02/25/2012 02:03 PM, Richard Kettlewell wrote:
{snip}>
> Where did you get those numbers from?
>
4.2.2.2 and 4.2.2.4 DNS servers belong to Level 3 Communications. Can't
remember exactly, but wherever I read them indicated that Level 3
Communications is fairly close to the top of the domain tree, so they
are a reliable source for DNS.
Do you have a better suggestion?
JimR
Pascal Hambourg External

Since: Oct 11, 2006 Posts: 245
Posted: Sat Feb 25, 2012 6:10 pm Post subject: Re: Is my home network set up right?
Hello,
JimR wrote:
>
> 4.2.2.2 and 4.2.2.4 DNS servers belong to Level 3 Communications. Can't
> remember exactly, but wherever I read them indicated that Level 3
> Communications is fairly close to the top of the domain tree, so they
> are a reliable source for DNS.
This statement does not make much sense...
JimR External

Since: Feb 25, 2012 Posts: 4
Posted: Sun Feb 26, 2012 11:18 am Post subject: Re: Is my home network set up right?
On 02/25/2012 05:00 PM, Pascal Hambourg wrote:
>> 4.2.2.2 and 4.2.2.4 DNS servers belong to Level 3 Communications. Can't
>> remember exactly, but wherever I read them indicated that Level 3
>> Communications is fairly close to the top of the domain tree, so they
>> are a reliable source for DNS.
>
> This statement does not make much sense...
Then you should state what does make much sense.
Moe Trin External

Since: Dec 12, 2009 Posts: 46
Posted: Sun Feb 26, 2012 11:25 am Post subject: Re: Is my home network set up right?
On Sat, 25 Feb 2012, in the Usenet newsgroup comp.os.linux.networking, in
article , JimR wrote:
>I'd like to validate that my home network is set up in an optimal
>fashion, especially in how I am handling DNS. Some people recently
>have suggested that DNS may be at fault for some intermittent errors
>that I see.
No information on intermittent errors = no answer possible
>Here is how I am set up. The DNS set on the Linux machine may be
>redundant, since I hope that my router provides DNS to the house.
Meaning on laptop1 you can ask about laptop2 and the router provides
the DNS data - yeah, that's often the case, but it depends on how you
set up the router. Did you read the documentation about that?
>Cisco wired/wireless router/access point. I added Static DNS in there
>of 4.2.2.2 and 4.2.2.4 (I do not use my cable ISP's DNS since I have
>heard bad reports).
What kind of "bad reports"? Slow? Providing wrong answers? While
those two 4.2.2.x hosts are "public" DNS servers, it's usually smarter
to use your own. You have to also think that DNS servers "out there"
don't know anything about your local network, and will therefore return
NXDOMAIN if asked about them. That breaks things. You should be using
the appropriate tools to investigate your DNS problems - even something
like 'tcpdump', 'ethereal', or 'wireshark' will show _which_ DNS server
you are asking, and what response you are getting. There are also the
regular DNS testing tools:
[compton ~]$ whatis dig dnsquery host nslookup
dig (1) - send domain name query packets to name servers
dnsquery (1) - query domain name servers using resolver
host (1) - look up host names using domain server
nslookup (8) - query Internet name servers interactively
[compton ~]$
You may not have 'dnsquery' as it's old and deprecated. These tools
are part of the 'bind-utils' package, and are used to query name
servers. THEY IGNORE THE HOSTS FILE. All four tools can be told to ask
specific name servers, rather than the IPs listed in /etc/resolv.conf,
which can help isolate DNS problems.
>Main desktop computer runs Mandriva Linux x86_64, ethernet connection
>to router. Has gateway set up as the router's IP 192.168.1.1. Has DNS
>as 4.2.2.2 and 4.2.2.4.
DNS should be router only.
>/etc/resolve.conf has following:
>domain hsdl.mycableisp.net <== suspicious to me!
>search hsdl.mycableisp.net <== suspicious to me!
[compton ~]$ whatis resolver
resolver (5) - resolver configuration file
[compton ~]$
The DHCP server on the router is mis-configured.
>nameserver 192.168.1.1
>nameserver 4.2.2.2
>nameserver 4.2.2.4
DNS should be router only. This is also a DHCP server configuration
issue.
Old guy
Pascal Hambourg External

Since: Oct 11, 2006 Posts: 245
Posted: Sun Feb 26, 2012 3:10 pm Post subject: Re: Is my home network set up right?
JimR wrote:
> On 02/25/2012 05:00 PM, Pascal Hambourg wrote:
>>> 4.2.2.2 and 4.2.2.4 DNS servers belong to Level 3 Communications. Can't
>>> remember exactly, but wherever I read them indicated that Level 3
>>> Communications is fairly close to the top of the domain tree, so they
>>> are a reliable source for DNS.
>> This statement does not make much sense...
>
> Then you should state what does make much sense.
Sure.
I can interpret "close to the top of the domain tree" in two ways :
content-wise (zones) or container-wise (servers).
Content-wise, a recursive DNS server is neither close to nor far away
from the top of the domain tree, as it is outside the tree. Only
authoritative DNS servers are inside the tree.
Container-wise, the DNS root servers are spread all over the internet.
Besides, being close to a root server does not help much : the root
servers only serve the root zone, i.e. the list of names and addresses
of authoritative DNS servers for all top level domains. Top level
domains and all subdomains are served by a multitude of other
authoritative DNS servers, and you cannot possibly be close to all of them.
Richard Kettlewell External

Since: Feb 19, 2005 Posts: 189
Posted: Sun Feb 26, 2012 4:10 pm Post subject: Re: Is my home network set up right?
JimR writes:
> Richard Kettlewell wrote:
>> Where did you get those numbers from?
>
> 4.2.2.2 and 4.2.2.4 DNS servers belong to Level 3 Communications.
> Can't remember exactly, but wherever I read them indicated that Level
> 3 Communications is fairly close to the top of the domain tree, so
> they are a reliable source for DNS.
>
> Do you have a better suggestion?
Your own ISP's DNS servers. Google's public DNS servers, which unlike
Level 3's are actually intended for use from anywhere. Your own copy of
BIND (or equivalent).
--
http://www.greenend.org.uk/rjk/
JimR External

Since: Feb 25, 2012 Posts: 4
Posted: Mon Feb 27, 2012 12:29 am Post subject: Re: Is my home network set up right?
Thanks MT.
On 02/26/2012 12:25 PM, Moe Trin wrote:
> No information on intermittent errors = no answer possible
Fair comment. The explanations are fairly long, but here is the most
succinct that I can describe them.
Two different cases:
One.
We were shopping for a vacation on www.cheaptickets.com. Halfway
through the shopping selection screens, it would suddenly reroute us to
www.vast.com , a nondescript site that looks like one of those you get
when it can't serve the page you requested.
This happened numerous times, on 3 different computers, Windows 7,
Kubuntu Linux and Mandriva Linux, but was rather unpredictable as to
when in the process that it would happen. Restarting, rebooting, etc.
didn't help.
I eventually used a work machine that connects the same wifi router, but
then VPN tunnels to my work site, and it worked fine.
I have to think that it was something that my ISP (The Big US Cable
Company that owns the Big US TV Network) was doing in their routing, but
I can't imagine why. A similar re-routing happened months ago on a
completely unrelated site.
Two
While I am browsing Reddit from the laptop (1st laptop, often frequently
used for this activity), I will often follow links to imgur.com. After
some number (subjectively a dozen or two), I will suddenly start to get
404 errors on the imgur pages, or else imgur will display the frame of a
picture, but never fill in the image. I contacted imgur tech support,
and they suggested a DNS problem. This problem never happens on the
primary desktop.
>
>> Here is how I am set up. The DNS set on the Linux machine may be
>> redundant, since I hope that my router provides DNS to the house.
>
> Meaning on laptop1 you can ask about laptop2 and the router provides
> the DNS data - yeah, that's often the case, but it depends on how you
> set up the router. Did you read the documentation about that?
IIRC, they really don't discuss Linux in their setup options. They seem
to think that M$ rules the world.
>
> What kind of "bad reports"? Slow? Providing wrong answers? While
> those two 4.2.2.x hosts are "public" DNS servers, it's usually smarter
> to use your own. You have to also think that DNS servers "out there"
> don't know anything about your local network, and will therefore return
> NXDOMAIN if asked about them. That breaks things. You should be using
> the appropriate tools to investigate your DNS problems - even something
> like 'tcpdump', 'ethereal', or 'wireshark' will show _which_ DNS server
> you are asking, and what response you are getting. There are also the
> regular DNS testing tools:
Here's one such bad report. BigCableCo did not resolve correctly, but
Google DNS did.
https://supportforums.cisco.com/thread/2126556
>
During this week, I will experiment with your other suggestions. Thanks
for taking the time to help.
JimR
General Schvantzkoph External

Since: Dec 29, 2004 Posts: 1243
Posted: Mon Feb 27, 2012 12:10 pm Post subject: Re: Is my home network set up right?
On Sat, 25 Feb 2012 14:46:43 -0500, JimR wrote:
> On 02/25/2012 02:03 PM, Richard Kettlewell wrote: {snip}>
>> Where did you get those numbers from?
>>
>>
> 4.2.2.2 and 4.2.2.4 DNS servers belong to Level 3 Communications. Can't
> remember exactly, but wherever I read them indicated that Level 3
> Communications is fairly close to the top of the domain tree, so they
> are a reliable source for DNS.
>
> Do you have a better suggestion?
>
> JimR
Use Google's DNS servers, 8.8.8.8 and 8.8.4.4
Moe Trin External

Since: Dec 12, 2009 Posts: 46
Posted: Mon Feb 27, 2012 9:31 pm Post subject: Re: Is my home network set up right?
On Mon, 27 Feb 2012, in the Usenet newsgroup comp.os.linux.networking, in
article , JimR wrote:
>We were shopping for a vacation on www.cheaptickets.com. Halfway
>through the shopping selection screens, it would suddenly reroute us
>to www.vast.com , a nondescript site that looks like one of those you
>get when it can't serve the page you requested.
OK vast.com is a specialized search engine (their blurb page says they
focus on autos, vacation rentals, and real estate), so that is possible.
>I have to think that it was something that my ISP was doing in their
>routing, but I can't imagine why. A similar re-routing happened
>months ago on a completely unrelated site.
If the page was actually sourced by vast.com, then it's a screwup
on the part of orbitz.com. The domains are quite different
(www.cheaptickets.com is in Chicago on a /22 equivalent starting
at 198.175.55.0, while vast.com is in SFO on 70.42.235.0/24). It's
possible to be a DNS issue, but highly unusual. Routing? I doubt it.
>I will often follow links to imgur.com. After some number (subjectively
>a dozen or two), I will suddenly start to get 404 errors on the imgur
>pages, or else imgur will display the frame of a picture, but never fill
>in the image.
404 errors should come from the web server - not a DNS problem unless
your browser can't identify the server (and it should say something
like "unknown host" so that you can know to check your typing). The
inability to display images can be DNS - briefly, some pages contain
stuff from "content providers" (Akamai is probably one of the better
known). A content provider has locations scattered all over the place,
and when your web browser attempts to access such a component, the DNS
at the content provider returns an IP that is "near you" network-wise
and/or one that is lightly loaded. The idea is to speed up loading by
taking the load off of a central host. In theory, it could also be a
local firewall issue (actual firewall rule or something like a pop-up
blocker) that prevents access to the content provider.
>> it depends on how you set up the router. Did you read the
>> documentation about that?
>IIRC, they really don't discuss Linux in their setup options. They seem
>to think that M$ rules the world.
They use the same words though. I don't bother using DHCP, as the
computers are not that mobile - the systems are set with static
configurations and therefore have fixed addresses (and have host/IP
listings in the /etc/hosts file normally checked first by the
resolver). It's possible to kick the DHCP server on your router to
hand out "fixed" addresses based on MAC (hardware) addresses, but I
don't know your router so can't tell you how. Note that while the
underlying actions are consistent, each Linux distribution has its
own shiny tool to set up the DHCP _client_ on your laptop/desktop
that is better than everyone else's... and is different. Some desktops
also have their own toy tool in addition just to complicate things.
The _client_ configuration would allow you to tell your systems to
ignore certain settings provided by the server on the router - such as
which DNS to use, or what not to have in /etc/resolve.conf.
The original purpose of dynamic addressing was where there were many
computers that were not operating all the time, and had to share a
limited number of addresses. With RFC1597 (replaced by RFC1918) there
are over 17 million addresses available. Subsequently, DHCP was adopted
by microsoft to ease the configuration burden on hosts (at the cost of
increased complexity on servers and less security). The ISPs of the
world have adopted DHCP for the same reason. The result is a "one size
fits all" (really, "one configuration fits all") that works most of the
time as long as the user is doing what is expected ("any color so long
as it's black" sound familiar?). The DHCP server configuration can be
tricky, but once it's working the customer can change computers with
minimal setup effort. For the home user, this means the router
defaults to using the ISP name servers, and transparently using RFC1918
addresses (such as 192.168.1.x)
>Here's one such bad report. BigCableCo did not resolve correctly, but
>Google DNS did.
OK - if you read this page, the problem was at the web-site, where the
idiots running the site didn't set up their DNS correctly. BigCableCo
is a little more paranoid, and follows the rules, while Google didn't.
The "fix" was to correct the error at the web site's DNS.
>During this week, I will experiment with your other suggestions. Thanks
>for taking the time to help.
You may want to read through the DNS-HOWTO
-rw-rw-r-- 1 gferg ldp 91563 Dec 23 2001 DNS-HOWTO
which can be found on the web (http://ibiblio.org/pub/linux/docs/HOWTO/
being one site) to get some additional understanding of how DNS is
supposed to work. "A" problem with having a local network and using
outside DNS is that the whole concept of DNS is to "believe" the first
answer received. If you ask an outside DNS server about a host on
your network, they will tell you "it doesn't exist" - and you've lost
contact with that host. (If Mommy says "no", it's not going to ask
Daddy or the grandparents for a second chance/opinion - the answer is
no!) Any DNS server you ask should therefore know about all hosts you
want to talk to - and if you have dynamic IPs on your LAN (which means
you can't use the /etc/hosts files) you have to ask the DNS server that
knows what's on your LAN - that would be the server in the router. That
server ALSO knows how to ask an outside name server (whether it be
4.2.2.[1-6], the google.com, opendns.com, ultradns.net or the BigCableCo
name servers) to resolve "outside" addresses.
There is also a 'DHCP' mini-howto at the same sites
-rw-rw-r-- 1 gferg ldp 33678 Oct 20 2000 DHCP
that can help understanding that little ball of tar. Note that it's
old, and doesn't cover the DHCP _client_ you are using on your
Mandriva and Ubuntu systems but it helps understanding things. Briefly
the DHCP _server_ can specify over 150 different parameters to the
client - everything from "subnet mask" (code 1) to "reboot time" (code
211) and many more (which the client _may_ be configured to ignore).
Old guy
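The "believe the first answer" point from the post above, checked against the resolv.conf posted at the top of the thread. This is an added example, not part of any post in the thread: the address 192.168.1.23 for laptop2 and the reply tables are constructed, and resolve() is a simplified model of the stub resolver's server order, not its real code.

```python
import ipaddress

# Constructed sample: the resolv.conf contents quoted in the thread for Laptop1.
SAMPLE = """\
domain hsdl.mycableisp.net
search hsdl.mycableisp.net
nameserver 192.168.1.1
nameserver 4.2.2.2
nameserver 4.2.2.4
"""

def parse_resolv_conf(text):
    """Return (nameserver addresses, keywords seen), both in file order."""
    servers, keywords = [], []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":   # blank line or comment
            continue
        keywords.append(fields[0])
        if fields[0] == "nameserver" and len(fields) > 1:
            servers.append(ipaddress.ip_address(fields[1]))
    return servers, keywords

def audit(text):
    """List resolv.conf settings that make lookups depend on which server answers."""
    servers, keywords = parse_resolv_conf(text)
    findings = []
    if "domain" in keywords and "search" in keywords:
        findings.append("domain and search both set: only the last one listed is used")
    if len(servers) > 3:
        findings.append("more than 3 nameservers: glibc uses only the first 3")
    if {s.is_private for s in servers} == {True, False}:
        findings.append("LAN and public nameservers mixed: public ones "
                        "answer NXDOMAIN for names that exist only on the LAN")
    return findings

# Replies that make the resolver move on to the next server in the list.
MOVE_ON = {"timeout", "SERVFAIL", "REFUSED"}

def resolve(name, servers, replies):
    """Simplified model of the stub resolver: walk the nameserver list in order
    and accept the first real answer, NXDOMAIN included, as final."""
    for server in servers:
        reply = replies.get((str(server), name), "timeout")
        if reply not in MOVE_ON:
            return str(server), reply
    return None, "timeout"

# Constructed replies: only the router knows the LAN host "laptop2".
HEALTHY = {("192.168.1.1", "laptop2"): "192.168.1.23",
           ("4.2.2.2", "laptop2"): "NXDOMAIN",
           ("4.2.2.4", "laptop2"): "NXDOMAIN"}
# Same network, but the router misses one query (constructed failure).
ROUTER_SILENT = {**HEALTHY, ("192.168.1.1", "laptop2"): "timeout"}

if __name__ == "__main__":
    servers, _ = parse_resolv_conf(SAMPLE)
    for finding in audit(SAMPLE):
        print("finding:", finding)
    print("router answers: ", resolve("laptop2", servers, HEALTHY))
    print("router silent:  ", resolve("laptop2", servers, ROUTER_SILENT))
    print("router-only list:", resolve("laptop2", servers[:1], ROUTER_SILENT))
```

With the mixed list, one missed query at the router turns a working LAN name into a definite "does not exist"; with the router as the only nameserver the same miss is just a timeout that a retry can recover from.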