Thursday, November 10, 2011

An Interesting DNS Issue

Ready for another networking lesson?! Great! Let's get started… A customer called in today asking for help because they were unable to access our website or their webmail. Everything, such as e-mail or the employee web portal, is accessed directly from our website and the customer was not able to get to it from any web browser on their computer. They could go down the street to a coffee shop and access our site just fine. The strange thing was that only our company website was not working in the remote office. Internet Explorer would display “Unable to open website” when trying to access the site. We tried different web browsers and the experience was the same. To test, I performed several troubleshooting steps such as trying to PING the website from the command line, flushing the DNS cache, and even flushing the ARP cache. No matter what I did, her computer just wasn’t communicating with our website. I was able to fix the problem by doing something not considered ‘normal’, but at least I was able to get the customer access to our website again.

I was able to fix the problem by changing the DNS settings on the wireless router to point to Google’s free DNS service instead of the ISP’s DNS services. I did this because there was a clear problem with the ISP's own DNS service, which is what the wireless router was configured to point DNS requests to. Forcing the router to go to another DNS service (and Google's DNS is more reliable anyways) fixed the problem.

What is DNS anyways? Without DNS, the internet would be a much more difficult world to deal with. DNS stands for Domain Name System. It translates hostnames like google.com or microsoft.com to IP addresses. When you type google.com into a web browser, the browser sends the request to a DNS server (as defined in the router settings) which translates the google.com name into its actual IP address, then helps your computer forward the traffic to that IP address. The picture attached to this blog post is a good visual of exactly how DNS works.

DNS servers maintain a database comprised of hostnames matched with their actual IP addresses. This is how a DNS server knows where to tell your computer to send its communications. Each entry in the database is called a record, and changes to DNS records occur millions of times per minute. DNS servers hosted by providers such as GoDaddy, ENOM, NetFirms, etc. are considered “top level” and the DNS record information is first replicated amongst each other, then eventually gets replicated to other DNS servers on demand. Every ISP has its own hosted DNS server, and the problem with an ISP DNS is that it is sometimes outdated and unreliable; such was the case with this customer...

Why does changing the DNS settings on the customer’s network fix this problem? DNS databases can become corrupt on the router, or DNS is corrupt on the ISP’s side, or a DNS server has not retrieved new or updated information from other worldwide DNS servers, or any other type of DNS networking factor. Forcing a computer or router to communicate with a specific DNS server that has current and reliable DNS information is a way to permanently fix a DNS problem.
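To confirm that the configured resolver, rather than the website or the PC, is the failing component before changing router settings, the same name can be queried against each resolver directly and the answers compared. The following is an added example, not part of the original post: it uses only the Python standard library, `192.0.2.53` is a placeholder for the ISP resolver's address, and `example.com` stands in for the affected site.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Build a DNS query for the A record of `name`, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a compression pointer."""
    while msg[off] != 0 and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (1 if msg[off] == 0 else 2)  # root label is 1 byte, pointer is 2

def parse_response(msg):
    """Return (rcode, [IPv4 addresses]) from a raw DNS response."""
    _, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off, addrs = 12, []
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:  # A record; CNAME and other types are skipped
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, addrs

def ask(resolver, name, timeout=3.0):
    """Query one resolver over UDP port 53; return sorted addresses or a failure string."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (resolver, 53))
            data, _ = s.recvfrom(4096)
        except OSError:  # timed out or resolver unreachable
            return "NO ANSWER"
    rcode, addrs = parse_response(data)
    return sorted(addrs) if rcode == 0 else f"RCODE {rcode}"

def compare(name, resolvers, ask_fn=ask):
    """Ask every resolver for `name`; return (results, True if all of them agree)."""
    results = {r: ask_fn(r, name) for r in resolvers}
    return results, len({str(v) for v in results.values()}) == 1

if __name__ == "__main__":
    print(compare("example.com", ["192.0.2.53", "8.8.8.8"]))  # 192.0.2.53: placeholder ISP resolver
```

A `NO ANSWER` or `RCODE 2` (SERVFAIL) from one resolver while the other returns addresses points at that resolver. For sites served from several locations, differing address lists alone do not indicate a fault.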

How can you change DNS settings on your own? First, you need to decide what DNS server you want to define in the DNS settings on your router or your computer. Two very popular DNS services (which are free) are Google Public DNS and OpenDNS.org. Once you decide which service you want to go with, instructions on how to configure your network are available at each site.

With this customer, I decided to go with Google’s Public DNS because I have had good experience with it in the past. Sure enough, it works just fine and helped me get the customer back up and running. A nice side effect of changing to Google Public DNS is that the internet performance on the customer’s computer (going from website to website) increased dramatically.

Now, if you are not having issues with your current ISP and are able to surf the internet without any issues, I DO NOT recommend changing your DNS settings because “if it ain’t broke, don’t fix it!” Otherwise, if you know what you are doing, feel free to update your DNS settings. I hope you have learned something interesting in this post! As always, feel free to leave a comment below. Cheers!

-Joe