In recent weeks a weird problem has started in my office. The internet seems to stop working, but it has not failed; it's just DNS problems.
Setup:
ADSL2+ AnnexM connection via a Draytek Vigor 2820 router. Windows server domain running Server 2008 R2. A DNS server is set up on the server, and DNS forwarders set to the values sent to the router (141.1.1.1 and 195.27.1.1 - Thus/CW/Vodafone). I've also added Google's public DNS as backup (8.8.8.8 and 8.8.4.4).
Symptoms
Most of the day the network works fine and web browsing works.
At various points of the day, DNS seems to stop working for external hosts so web browsing stops. There does not seem to be an obvious trigger, although it almost always fails about 4pm local time.
The ADSL line is still working (I run BBC radio 2 streaming over it and this does not stop), and the VPN links to the other office are also working. I can ping external IP addresses - so the problem definitely seems to be with DNS.
What I've Tried
I've tried to diagnose the cause using nslookup: it resolves only internal hosts, anything external times out. I tried setting the server to the CW and the Google ones directly, but this also times out:
> server 8.8.8.8
DNS request timed out.
timeout was 2 seconds.
Default Server: [8.8.8.8]
Address: 8.8.8.8
>
The only solution appears to be to reboot the router. After this everything works again for a while.
I did suspect the problem was with the router but we've not made any configuration changes. So do the assembled experts think this is a router issue or is it the ISP?
I've had the exact same problem for almost a week. Had to re-dial / reboot the server so many times manually. I just found a possible solution and it has worked fine for the past hour.
Log into the router as admin, Firewall >> DoS defense Setup, Unticked "Enable UDP flood defense".
I've had a similar problem...
BT's my ISP, my router is a Draytek 2820 and is TXing and RXing packets. I can access google.co.uk and search on wired and wifi connected devices, but on none can I access any other websites. Issue across whole network, happens around 11am each morning for the last week. It's killing VOIP, gmail etc, everything bar google. I can successfully ping from my router, as mentioned above; it is still connected!
My guess is DNS...if it happens again then I'll do some more prodding, but for now I hadn't realised that there are DNS setting fields for LAN and WAN. I'm not sure if it's solved it yet, but I've now changed to Google's DNS in both DNS settings for WAN and LAN...previously I only had populated WAN.
WAN: WAN > Internet Access > WAN2 > Static or Dynamic IP
LAN: LAN > General Setup
A colleague just mentioned that Draytek are no longer supporting 2820's. He's had a stack of DNS problems with them, and suggests that they're getting progressively worse. Nice.
Ok, I wrote the above on Friday. It's dropped again this morning (Monday), I've done some further research, here's another promising solution:
See the posts from Jan 2015 here: http://community.spiceworks.com/topic/393025-dns-drops-roughly-once-a-week
and then see the bandwidth/packets per second table here: http://www.draytek.com/index.php?option=com_k2&view=item&id=5315&Itemid=293&lang=en
Change the threshold config (Firewall > DoS Defense) for "Enable UDP flood defence" to whatever suits your bandwidth, I've gone with 2000/sec.
Having read this it's absolutely my problem. Hopefully it sorts it.
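
A probe for the symptom described in this thread (ping and TCP streams keep working while UDP lookups against 8.8.8.8 time out), added here as an example and not part of any of the posts above: it sends the same DNS query over UDP and over TCP port 53 and classifies the result. It assumes that a UDP-only failure points at something on the path dropping UDP, such as the router's UDP flood defence; the function names and the test name example.com are illustrative.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """Minimal DNS A-record query (RFC 1035): header + QNAME + QTYPE/QCLASS."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def is_reply(data, qid=0x1234):
    """True if data is a DNS response (QR bit set) carrying our transaction id."""
    if len(data) < 12:
        return False
    rid, flags = struct.unpack(">HH", data[:4])
    return rid == qid and bool(flags & 0x8000)

def probe_udp(server, name, timeout=2.0):
    """Same 2-second timeout nslookup used in the question."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(build_query(name), (server, 53))
            return is_reply(s.recvfrom(4096)[0])
    except OSError:  # includes socket timeouts
        return False

def probe_tcp(server, name, timeout=2.0):
    query = build_query(name)
    try:
        with socket.create_connection((server, 53), timeout=timeout) as s:
            s.sendall(struct.pack(">H", len(query)) + query)  # 2-byte length prefix
            buf = b""
            while len(buf) < 2 or len(buf) < 2 + struct.unpack(">H", buf[:2])[0]:
                chunk = s.recv(4096)
                if not chunk:
                    break
                buf += chunk
            return is_reply(buf[2:])
    except OSError:
        return False

def classify(udp_ok, tcp_ok):
    if udp_ok and tcp_ok:
        return "ok"
    if tcp_ok:
        return "udp-dropped"  # resolver is up; UDP/53 is being lost on the path
    return "tcp-blocked" if udp_ok else "unreachable"

if __name__ == "__main__":
    for server in ("8.8.8.8", "8.8.4.4"):  # the public resolvers named in the question
        print(server, classify(probe_udp(server, "example.com"), probe_tcp(server, "example.com")))
```

The same comparison can be made by hand in nslookup with `set vc`, which forces queries over TCP.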