cancel
Showing results for 
Search instead for 
Did you mean: 

Plus Two DNS Issues

Harddrive
Dabbler
Posts: 16
Thanks: 2
Registered: ‎24-07-2021

Plus Two DNS Issues

Since moving to a Hub Two from a Hub One, I’ve been encountering SSL certificate errors on Windows with Outlook and Edge. It seems to be DNS related. Outlook 365 may issue a message box describing the error allowing me to click Yes but not always. Outlook 365 reports Issued To: cloudflare.dns.com.

I have great difficulty getting Outlook 365 to download e-mails (trying to connect to Outlook.com).

I can sometimes but not always get round the problem by issuing

Ipconfig /release

Ipconfig /flushdns

Ipconfig /renew

 

My internet security system throws up error messages for Edge (Chromium) and Bing related certificates. These errors are basic messages and don’t identify certificate information but I assume it is Cloudflare again. I can however still use Edge to browse web pages.

 

Also, I have two PCs which have intermittent connection issues via the Hub Two. Let’s call them PC1 and PC2. Although they are both ethernet connected to the same local network, I can’t sometimes connect to them using UNC (e.g. \\PC2\c from PC1 reports PC2 cannot be accessed) until I connect to the internet.  Windows Sync Centre also does nothing until I connect to the internet. Then I can access them. If I disconnect from the internet, the UNC connection sometimes only lasts a couple of minutes then afterwards I get the same “cannot access” problem as before. Yet other times the connection still works. When I can access via UNC a Ping for the remote (e.g. Ping pc2 -n 1) from PC1 shows an IPv6 address. When I can’t it shows as something like 127.1.1.1.

 

I’m running with the defaults on the Hub Two – except I’ve changed the Wireless Network names and passwords and turned UpNp off – the same as I did on the Hub One. Just for a test I re-enabled UpNp but it made no difference.

 

To verify this is a Hub Two issue, I went back to using the Hub One and all the problems disappeared. I ran for a few days with this then went back to the Hub Two – and all the problems returned.

 

The strange thing is that when the Ethernet cards allow the router to assign the DNS server addresses – which for the Hub One and Two is 194.168.1.254 - when connected to the internet, the router’s DNS addresses show as 212.159.6.9 and 10 – same for both the Hub One and Hub Two.

 

I get the same problems with the Plus Two whether I let the router set the DNS server address for the Ethernet card (192.168.1.254) or whether I code the Plusnet “alternate” ones 212.159.6.49 and 50.

I assumed Plusnet has its own DNS servers so I’m surprised Cloudflare-dns appears in Outlook’s certificates but I may be misunderstanding how DNS works.

 

So I can only assume there is something different in the way the Hub Two handles DNS requests vs the Hub One.

 

Is this a Hub Two bug? I once had a similar issue with the Hub One till a later firmware release appeared to fix it. The Hub Two certificate problem is causing me serious issues trying to use the PC especially with Outlook.

 

 

21 REPLIES 21
Baldrick1
Moderator
Moderator
Posts: 12,374
Thanks: 5,555
Fixes: 430
Registered: ‎30-06-2016

Re: Plus Two DNS Issues

@Harddrive 

I don’t know if it would help but are you aware that you are not constrained to using the Plusnet DNS resolvers with a Hub 2?

Moderator and Customer
If this helped - select the Thumb
If it fixed it,  help others - select 'This Fixed My Problem'

Harddrive
Dabbler
Posts: 16
Thanks: 2
Registered: ‎24-07-2021

Re: Plus Two DNS Issues

Thanks for the suggestion.

I have seen a place where the primary and secondary DNS servers can be specified in the router IPv4 Configuration pages. I set it to the Plusnet servers as an experiment before I tried coding them on the Ethernet card but it didn't make any difference.

You've given me food for thought to perhaps look into the world of alternate DNS servers if Plusnet cannot provide a solution using their DNS servers.

Thanks

Harddrive
Dabbler
Posts: 16
Thanks: 2
Registered: ‎24-07-2021

Re: Plus Two DNS Issues

Hello

I tried experimenting with the following DNS resolvers - specified in the IPV4 Config page of the router and when that didn't work, I specified them on the Ethernet card. But that didn't work either. (I Ipconfig'd release, flushdns, renewed and even rebooted the two machines)

I'm still getting the same issues as using the Plusnet DNS resolvers.

The Plus Two must be doing something different to the Plus One because the latter gave me no errors, even though I am using the same IPV4 addresses for the machines and the Plusnet DNS resolvers.

Can someone explain what the difference is?

Harddrive
Dabbler
Posts: 16
Thanks: 2
Registered: ‎24-07-2021

Re: Plus Two DNS Issues

After all that, I noticed the paste of the DNS resolvers I tried didn't work.

I meant to paste in the following:

Quad9
Google
Cloudflare

bobpullen
Community Gaffer
Community Gaffer
Posts: 16,930
Thanks: 5,016
Fixes: 317
Registered: ‎04-04-2007

Re: Plus Two DNS Issues


@Harddrive wrote:

I tried experimenting with the following DNS resolvers - specified in the IPV4 Config page of the router and when that didn't work...

I would suggest that the hub is rebooted after specifying custom DNS addresses in the IPv4 configuration settings. This assigns the DNS addresses to devices as part of the DHCP lease. If any devices are holding onto a prior lease, then they may not use the DNS server addresses you have changed to. A reboot should force all devices to grab a new lease.

Regardless, you can determine the DNS server address being used by a connected windows machine by running ipconfig /all from a command line and checking what DNS Servers are listed under the network adapter you are using.

 

I specified them on the Ethernet card. But that didn't work either. (I Ipconfig'd release, flushdns, renewed and even rebooted the two machines)

Again, if the machine shows via ipconfig that it's configured with the DNS addresses you have explicitly specified on the ethernet card, then that is very likely what it is using and would point to an issue unrelated to the servers you are using for DNS. The hub has little part in DNS resolution when you are running in this configuration other than to route the DNS packets to/from their destination.

 

I'm still getting the same issues as using the Plusnet DNS resolvers.

The Plus Two must be doing something different to the Plus One because the latter gave me no errors, even though I am using the same IPV4 addresses for the machines and the Plusnet DNS resolvers.

Can someone explain what the difference is?


There are no fundamental differences that I'm aware of.

I can't help but think something on your network or one/more of your local machines is giving way to this behaviour.

I get that you say you don't have problems with the Hub One, but from what you've tried, this does not strike me as solely a hub issue.

Edit: perhaps you can share some of these certificate warning errors you're seeing?

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Harddrive
Dabbler
Posts: 16
Thanks: 2
Registered: ‎24-07-2021

Re: Plus Two DNS Issues

Hello Bob

Thanks for the reply. I did do Ipconfig /all after every change to verify I was using the expected DNS addresses.

For the difference between the Plus One and Plus Two one thing that comes to mind. With the Plus One I don't think there was any IPv6 support whereas the Plus Two does have limited support. It may be a red herring but I came across someone on the web who had Outlook problems and it was suggested the problem could be an IPv6 DNS address was being returned when an IPv4 address was expected.

If I turn off Encrypted Web Page Scanning in my internet security product, the certificate errors for MsEdge disappear. For Outlook they disappear too if I have the Ethernet card set to Obtain DNS addresses automatically. But if I specify the DNS addresses of 212...49 and 212..50 the certificate errors return - except the Issued By name changes from Untrusted BitDefender CA to DigiCert TLS Hybrid ECC SHA384 2020 CA1.

I did try to attach png and text files of the certificate errors but it will only attach 1 file. When I go to attach a second one it overwrites the first one. I tried zipping them up but it won't accept a zip file.

Had I not had a Plus One with no issues I would be thinking the internet security product was at fault but as soon as I reconnect the Hub One instead of the Hub Two all these issues go away without the need to turn of SSL scanning or make any other changes.

 

bobpullen
Community Gaffer
Community Gaffer
Posts: 16,930
Thanks: 5,016
Fixes: 317
Registered: ‎04-04-2007

Re: Plus Two DNS Issues

DNS servers will return IPv6 addresses (where applicable) whether the hub supports IPv6 routing or not.

You can try disabling some of the local IPv6 routing on the Hub Two in the Advanced Settings of the Hub Manager. Again, any changes made here and I would suggest a reboot afterwards.

If sites/services are presenting TLS certificates that are not owned by the site/service being accessed then I see no way this can be the sole fault of the router. Something else on the network has to be contributing to it. The hub has limited TLS certificates installed and none of them match what you're describing.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

greygit
Rising Star
Posts: 196
Thanks: 20
Fixes: 1
Registered: ‎13-11-2021

Re: Plus Two DNS Issues

"I would suggest that the hub is rebooted after specifying custom DNS addresses in the IPv4 configuration settings."

 

Can I ask why the Hub2 doesn't use DHCP to assign the DNS servers it gets from the PN servers rather than trying to act as a DNS server itself? I can understand that a modem trying to exercise levels of parental controls would need to act as a DNS server, but the Hub2 doesn't have those capabilities. IYSWIM.

bobpullen
Community Gaffer
Community Gaffer
Posts: 16,930
Thanks: 5,016
Fixes: 317
Registered: ‎04-04-2007

Re: Plus Two DNS Issues

@greygit - I imagine that has something to do with the fact that DHCP leases are typically issued before the PPP session is established, and it's the PPP establishment that assigns the PN DNS addresses.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

greygit
Rising Star
Posts: 196
Thanks: 20
Fixes: 1
Registered: ‎13-11-2021

Re: Plus Two DNS Issues

Would a DHCPFORCERENEW after the PPP negotiations get past the anomaly? Or would that only force a change of IP address?

Harddrive
Dabbler
Posts: 16
Thanks: 2
Registered: ‎24-07-2021

Re: Plus Two DNS Issues

Bob,

I looked into what IPv6 I could turn off and I could only see IPv6 Allocation. I changed it from Stateless to Off but this made no difference. I only wanted to do this briefly for a test so I've set it back to Stateless.

I did reboot the router after making the changes.

The internet connection seems to "drop" - Outlook 365 will suddenly report "You'll need the internet for this" and e-mails will stop - and the network status according to Windows changes to "No internet access" - yet I can still access websites via the browser. Sometimes the system will recover on its own, e-mails will come through again and the network status will change back to "Internet access" but sometimes I need to issue Ipconfig /release, /flushdns, and /renew...

Harddrive
Dabbler
Posts: 16
Thanks: 2
Registered: ‎24-07-2021

Re: Plus Two DNS Issues

Having done further testing, the issue seems to revolve around DNS at internet connect/disconnect time.

It manifests itself as Outlook certificate/connection problems, invalid Edge/Bing certificates and access denied to any other PC in the workgroup. If I connect to the internet then ipconfig /release, /flushdns, /renew, the problems get resolved. As soon as I disconnect, all the problems return, some immediately.

 

I am beginning to suspect the problems occur when the internet is disconnected and reconnected via the Hub Two web page. There was a period when the internet was connected continuously for 4 days and I didn’t see any Outlook, Edge/Bing, or any other DNS related issues.

 

I know there is a known issue with the password being lost on the connect web page. I am wondering if another piece of code in that area has been altered/deleted regarding DNS handling or perhaps a not connected state has not been considered for DNS when writing the code.

 

It does seem that the Plus Two assumes an always-on connection state is the desired state. If the power goes off and on again on the Plus Two it always reconnects to the internet automatically even if it wasn’t connected when the power went off. Whereas the Plus One would always honour the internet connection state as it was at power off time when the power gets restored.

 

Certainly I never hit these issues on the Plus One. There must be a difference somewhere in how the Plus One and Plus Two handle connect/disconnect. I could happily connect/disconnect frequently on the Plus One with none of these issues.

bobpullen
Community Gaffer
Community Gaffer
Posts: 16,930
Thanks: 5,016
Fixes: 317
Registered: ‎04-04-2007

Re: Plus Two DNS Issues

Why are you you repeatedly dropping the Internet connection? What purpose is this serving?

I'm a bit confused now. Obviously you're not going to have Internet access/DNS resolution if the router is offline Huh

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Harddrive
Dabbler
Posts: 16
Thanks: 2
Registered: ‎24-07-2021

Re: Plus Two DNS Issues

In answer to question 1, a fair amount of work I do on the PC is offline and doesn't need an internet connection so I only connect when I need it and disconnect when finished. It is a habit from when I connected via dial up modem, and continued when I got the Plusnet Hub Zero and Hub One routers. There are two reasons, the major one is security. The less time I'm connected the less chance of being hacked, especially at times when the internet security software is not fully running e.g at bootup time or due to error. The other is it cuts out invisible background data going back and forth.

The router wen pages allow internet connect/disconnect so it is not as if I am doing anything the router is not built to handle (the broadband side is still connected - it is just the internet I connect/disconnect from.

I appreciate that I'm not going to have an internet connection/DNS resolution when disconnected but it seems when reconnecting, DNS seems to get screwed up when using the Plus Two. This never happened with the Hub Zero, and was an initial problem with the Plus One until a later firmware fix (which you were instrumental in resolving). The Plus One was never a problem following that in the  two or so years I used it after that,