NetComm NF18ACV (TrustPower / Mercury Energy) Router

Forums › Mercury and NOW › NetComm NF18ACV (TrustPower / Mercury Energy) Router - Very Weird DNS Issue

SamF

1598 posts

Uber Geek
+1 received by user: 252

Trusted

#315935 30-Aug-2024 21:43

Ok, I guarantee this is the most obscure DNS issue you've seen all week :D

I have a relative who is with Mercury for her broadband (Fibre).

She has a NetComm NF18ACV router, which I believe was supplied by TrustPower.

'Software Version' on the router is: NF18ACV.NC.TP-R6B025.EN

I run backups for her which are going to Wasabi.

Recently the backups have been failing and tonight I found out why.

The problem is a DNS resolution one and here's where it gets weird.

For example:

Resolving the following works fine:

backupstorage10.s3.wasabisys.com

Resolving this, does not:

backupstorage100.s3.wasabisys.com

What's the difference?

The working example is 32 characters long.

The non-working example is 33 characters long.

Based on my testing (and I have quadruple-checked), this NetComm NF18ACV router will not resolve DNS names longer than 32 characters.

I've tried disabling the 'DNS Proxy Filter' option in case that was causing an issue, but there was no change.

Can anyone verify this on another NetComm NF18ACV router?

1 | 2

2238 posts

Uber Geek
+1 received by user: 594

#3277316 30-Aug-2024 22:31

I think it's more likely triggered by the size of the response in this case.

SamF

1598 posts

Uber Geek
+1 received by user: 252

Trusted

#3277317 30-Aug-2024 22:33

yitz:

I think it's more likely triggered by the size of the response in this case.

WDYM?

yitz

2238 posts

Uber Geek
+1 received by user: 594

#3277319 30-Aug-2024 22:41

backupstorage100 returns a 513 bytes response whereas backupstorage10 is 512 bytes, ISP is likely doing some sort of filtering based on this boundary limit and TCP fallback is not working.

SamF

1598 posts

Uber Geek
+1 received by user: 252

Trusted

#3277320 30-Aug-2024 22:48

Hmm, interesting.

Not sure why the response is different because it's returning the same IP so should be the same response size?

Are you with Mercury for your Internet?

I'm trying to query the Mercury DNS servers directly via my 2Degrees connection, but it's not permitted.

Mercury DNS Servers:

202.74.33.0

202.74.33.1

yitz

2238 posts

Uber Geek
+1 received by user: 594

#3277322 30-Aug-2024 23:02

Yes it's 513 bytes because extra character has pushed it over but there's way too many A records being returned in round robin configuration, have they not heard of virtual IP load balancing?? I'm saying it's not necessarily the router could be ISP filtering. I'm not on Mercury either so also get recursion requested but not available from their server.

SamF

1598 posts

Uber Geek
+1 received by user: 252

Trusted

#3277325 30-Aug-2024 23:06

Oh, so the original query is returned in the DNS reply? I wasn't aware of that.

I can determine whether it's router or ISP DNS server by doing a direct query tomorrow when I can get on her PC remotely again.

I was on tonight, but I didn't think about doing that test before I disconnected :D

HP

Shop now for HP laptops and other devices (affiliate link).

SamF

1598 posts

Uber Geek
+1 received by user: 252

Trusted

#3277378 31-Aug-2024 13:26

Ok, an update.

Querying the Mercury DNS servers directly returns the expected result regardless of DNS name length.

So, the problem is with the router itself.

Still keen to see if someone can replicate this with the same model router if possible!

yitz

2238 posts

Uber Geek
+1 received by user: 594

#3277589 31-Aug-2024 21:28

Well I tried a Huawei HG630b on my LAN and it doesn't respond to any queries when I force TCP in dig.

When I point my operating system DNS to this router and browse to https://backupstorage100.s3.wasabisys.com/ in Chrome I get DNS_PROBE_FINISHED_NXDOMAIN while backupstorage10 works. If I change my DNS server addresses back I get an address for both and can connect.

I guess a workaround on the Netcomm would be to uncheck Enable DNS Proxy under Advanced settings > DNS Proxy so DNS server addresses from the WAN connection 202.74.33.0/1 get assigned directly to LAN clients.

SamF

1598 posts

Uber Geek
+1 received by user: 252

Trusted

#3277598 31-Aug-2024 22:30

Is there any relationship between the Huawei HG630b and the NetComm NF18ACV?

Unfortunately disabling the DNS Proxy causes DNS to cease functioning for client PCs.

However, I can manually override the DNS server in the client IP settings.

yitz

2238 posts

Uber Geek
+1 received by user: 594

#3277599 31-Aug-2024 22:53

Both are busybox running on a Broadcom chipset.

SamF

1598 posts

Uber Geek
+1 received by user: 252

Trusted

#3277604 31-Aug-2024 23:38

Ah right, gotcha.

Seems to be a bug there!

Dell

Shop now for Dell laptops and other devices (affiliate link).

cddt

1965 posts

Uber Geek
+1 received by user: 1904

#3277617 1-Sep-2024 07:00

I came here for the obscure DNS issue, I am not disappointed!

My referral links: BigPipe | Mercury

noroad

1025 posts

Uber Geek
+1 received by user: 675

Trusted

#3277619 1-Sep-2024 07:12

Set the DNS in DHCP manually to to ISP's DNS server IP's instead of "auto" which will be the local DNS proxy

SamF

1598 posts

Uber Geek
+1 received by user: 252

Trusted

#3277672 1-Sep-2024 08:25

cddt:
I came here for the obscure DNS issue, I am not disappointed!

YW :D

SamF

1598 posts

Uber Geek
+1 received by user: 252

Trusted

#3277674 1-Sep-2024 08:29

noroad:
Set the DNS in DHCP manually to to ISP's DNS server IP's instead of "auto" which will be the local DNS proxy

Yeah, that's what I've done.

It's a reasonable workaround, but I'd still like to confirm on another identical box and submit a bug report to someone however.

1 | 2