Gentoo Forums
DNS breaks under load(?)

terracottalite
n00b
Joined: 11 Feb 2023
Posts: 5

Posted: Thu Aug 10, 2023 2:37 pm    Post subject: DNS breaks under load(?)

My internet breaks when I am using it heavily (like emerge updates).

But, only external domains break. 192.168.1.1 pings fine, and so does 8.8.8.8 (or any ip).

I can work around it by running
Code:
$ wpa_cli reconfigure
or
Code:
# rc-service wpa_supplicant restart


I tried using different DNS providers,

I tried using a network manager (connman).

And here is some relevant information:

Gentoo OpenRC minimal profile
Code:
$ eselect profile list
Available profile symlink targets:
  [1]   default/linux/amd64/17.1 (stable) *

  ...



Broadcom controller
Code:
$ lspci | grep -i net
02:00.0 Network controller: Broadcom Inc. and subsidiaries BCM43224 802.11a/b/g/n (rev 01)


b43 driver
Quote:
$ lsmod | grep b43
b43 475136 0
ssb 69632 1 b43
mac80211 1048576 1 b43
cfg80211 1052672 2 b43,mac80211


dmesg
Code:
$ dmesg |grep -i -e wlp2s0b1 -e wifi -e wlan
[    8.416212] b43-phy0: Broadcom 43224 WLAN found (core revision 23)
[    8.447900] b43 bcma0:1 wlp2s0b1: renamed from wlan0
[   20.579053] wlp2s0b1: authenticate with a4:f3:3b:a7:5b:7a
[   20.640019] wlp2s0b1: send auth to a4:f3:3b:a7:5b:7a (try 1/3)
[   20.642662] wlp2s0b1: authenticated
[   20.643759] wlp2s0b1: associate with a4:f3:3b:a7:5b:7a (try 1/3)
[   20.646764] wlp2s0b1: RX AssocResp from a4:f3:3b:a7:5b:7a (capab=0x1c31 status=0 aid=2)
[   20.647112] wlp2s0b1: associated
[   20.736845] wlp2s0b1: Limiting TX power to 27 (27 - 0) dBm as advertised by a4:f3:3b:a7:5b:7a
[   20.792052] IPv6: ADDRCONF(NETDEV_CHANGE): wlp2s0b1: link becomes ready

# Here I run wpa_cli reconfigure

[ 3574.780897] wlp2s0b1: deauthenticating from a4:f3:3b:a7:5b:7a by local choice (Reason: 3=DEAUTH_LEAVING)
[ 3583.190798] wlp2s0b1: authenticate with a4:f3:3b:a7:5b:7a
[ 3583.252752] wlp2s0b1: send auth to a4:f3:3b:a7:5b:7a (try 1/3)
[ 3583.256307] wlp2s0b1: authenticated
[ 3583.257485] wlp2s0b1: associate with a4:f3:3b:a7:5b:7a (try 1/3)
[ 3583.262622] wlp2s0b1: RX AssocResp from a4:f3:3b:a7:5b:7a (capab=0x1c31 status=0 aid=2)
[ 3583.263061] wlp2s0b1: associated
[ 3583.319043] wlp2s0b1: Limiting TX power to 27 (27 - 0) dBm as advertised by a4:f3:3b:a7:5b:7a


resolv.conf
Code:
$ cat /etc/resolv.conf
# Generated by dhcpcd from wlp2s0b1.dhcp
# /etc/resolv.conf.head can replace this line

# I also tried other DNS providers
nameserver 77.88.8.8
# /etc/resolv.conf.tail can replace this line



dhcpcd.conf
Code:
$ cat /etc/dhcpcd.conf
# A sample configuration for dhcpcd.
# See dhcpcd.conf(5) for details.

# Allow users of this group to interact with dhcpcd via the control socket.
#controlgroup wheel

# Inform the DHCP server of our hostname for DDNS.
#hostname

# Use the hardware address of the interface for the Client ID.
#clientid
# or
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
# Some non-RFC compliant DHCP servers do not reply with this set.
# In this case, comment out duid and enable clientid above.
duid

# Persist interface configuration when dhcpcd exits.
persistent

# vendorclassid is set to blank to avoid sending the default of
# dhcpcd-<version>:<os>:<machine>:<platform>
vendorclassid

# A list of options to request from the DHCP server.
option domain_name_servers, domain_name, domain_search
option classless_static_routes
# Respect the network MTU. This is applied to DHCP routes.
option interface_mtu

# Request a hostname from the network
option host_name

# Most distributions have NTP support.
#option ntp_servers

# Rapid commit support.
# Safe to enable by default because it requires the equivalent option set
# on the server to actually work.
option rapid_commit

# A ServerID is required by RFC2131.
require dhcp_server_identifier

# Generate SLAAC address using the Hardware Address of the interface
#slaac hwaddr
# OR generate Stable Private IPv6 Addresses based from the DUID
slaac private

interface wlp2s0b1
static ip_address=192.168.1.196/24
static routers=192.168.1.1
#static domain_name_servers=149.112.112.112
static domain_name_servers=77.88.8.8
env disable_pm=1


services
Code:
$ rc-update show
            alsasound |      default                           
               binfmt | boot                                   
            bluetooth |      default                           
             bootmisc | boot                                   
              cgroups |                                 sysinit
              chronyd |      default                           
          consolefont | boot                                   
                dcron |      default                           
                devfs |                                 sysinit
               dhcpcd |      default
                dmesg |                                 sysinit
                 fsck | boot                                   
             hostname | boot                                   
              keymaps | boot                                   
            killprocs |                        shutdown       
    kmod-static-nodes |                                 sysinit
           linux-logo |      default                           
                local |      default nonetwork                 
           localmount | boot                                   
              modules | boot                                   
             mount-ro |                        shutdown       
                 mtab | boot                                   
               procfs | boot                                   
                 root | boot                                   
         save-keymaps | boot                                   
    save-termencoding | boot                                   
            savecache |                        shutdown       
              seedrng | boot                                   
                 sshd |      default                           
                 swap | boot                                   
               sysctl | boot                                   
                sysfs |                                 sysinit
             sysklogd |      default                           
 systemd-tmpfiles-setup | boot                                   
 systemd-tmpfiles-setup-dev |                                 sysinit
         termencoding | boot                                   
                 udev |                                 sysinit
         udev-trigger |                                 sysinit
       wpa_supplicant |      default


The problem has existed since I installed Gentoo (September 15 2022).

My issue is exactly the same (except for the environment) as https://forums.gentoo.org/viewtopic-p-8785420.html .

PS: Not sure if posting these files is better for you; if it is too long to scroll or something, I can remove it.

:) :D

Edit: remove word together with its unintended meaning

szatox
Advocate
Joined: 27 Aug 2013
Posts: 3487

Posted: Thu Aug 10, 2023 4:06 pm

Quote:
[ 3583.319043] wlp2s0b1: Limiting TX power to 27 (27 - 0) dBm as advertised by a4:f3:3b:a7:5b:7a
Lol, dude, your antenna must be glowing with this power output. It's like 500mW; I wonder where in the world it is even legal (not to mention potential health risks of over-exposure to microwave radiation).

Anyway, overloaded connection means random packets get dropped.
DNS uses UDP, which means the delivery is not guaranteed, since there are no retries. Even worse, a lot of queries require multiple round-trips, which makes the whole thing quite unreliable on connections that sometimes drop packets.

What can you do about it?
Well, using a caching proxy is an option. Dnsmasq does a pretty good job. I don't recommend systemd-resolved, it's been often getting in my way on systemd-based systems, so even if you already have systemd-resolved, just replace it with something that actually works.

Basically, install dnsmasq and add nameserver 127.0.0.1 as the first entry in /etc/resolv.conf.
You can (but don't have to) provide an alternative resolv.conf for dnsmasq. If you don't, it will just slurp the default and use the other servers (not itself) as the source. Once it acquires a dns record once, it will keep reusing that answer until it expires as per source's policy.

terracottalite
n00b
Joined: 11 Feb 2023
Posts: 5

Posted: Thu Aug 10, 2023 6:55 pm

Quote:
Lol, dude, your antenna must be glowing with this power output. It's like 500mW, I wonder where in the world is it even legal (not to mention potential health risks of over-exposure to microwave radiation)


Lol, are you sure? Maybe you mistook milliwatt for megawatt? I really hope that isn't true :? :D

I don't use systemd although I linked that forum post.

I will try limiting the power, thanks.

Edit: OK, I am way over the limit; I need to shut the modem off before I get in trouble.

Edit: Seems that although it is limited to 27, my device is using 20 dBm.

szatox
Advocate
Joined: 27 Aug 2013
Posts: 3487

Posted: Thu Aug 10, 2023 9:13 pm

Systemd or no systemd, what I said about dns and network congestion stands. Seriously, give dnsmasq a shot. The scenario you described is exactly where local dns cache really shines.

20dBm is a much more common and much more reasonable 100mW, though I've had people point me to anecdotal evidence suggesting that 2.4GHz can have adverse effects at even lower power level, unfortunately I couldn't find enough research to satisfy my curiosity. This, however, is OT.

terracottalite
n00b
Joined: 11 Feb 2023
Posts: 5

Posted: Mon Aug 14, 2023 5:14 pm

Sorry for being late, but this solution didn't work.

I finished my long delayed system update yesterday (5 days ago) and had the chance to install dnsmasq. Using dnsmasq, my internet still breaks and I have to run wpa_cli reconfigure (I actually have a cron job for that).

I didn't have this problem with Arch or Void Linux and I still don't know what is happening.

It probably is a misconfigured USE flag or a faulty kernel configuration, seeing the problem is only on Gentoo.

Thanks for everything. I will check my USE flags... Maybe iwd will be better than wpa_supplicant.

:D

deagol
n00b
Joined: 12 Jul 2014
Posts: 62

Posted: Tue Aug 15, 2023 7:47 pm

I don't have a good candidate for what could be wrong here. It looks odd and I assume we are not looking at the real issue yet.
But I don't think that your wireless connection is responsible here. Reconnecting probably just kicks off some other job which fixes whatever went wrong.
wpa_supplicant or iwd are almost certainly not responsible: if something were wrong here, it also should not work when using IPs instead of names.

I would look at that with dig first to isolate the problematic area:
When it's broken, use dig to resolve names and try different DNS servers, e.g.:

This basically bypasses the system DNS resolution and directly queries the IP after the @. Or with the +trace option like a DNS resolver.
The output may be a bit challenging when you don't have some DNS background, though. You can add +short to the commands with @ to get really minimal feedback. But the more verbose the better, in my opinion!
(nslookup can be used instead. But dig has more options and is much easier to use when you need those...)

I expect the first and second dig to be working and something to be broken with the system DNS resolution. (The last dig may or may not work in that case.) If *none* of them are working, things get interesting:
In that case, verify if they work without the problem. If these commands indeed only fail during the issue something is really off:
Wpa is not caring if a packet uses icmp, udp or tcp. The only special case is multicast/broadcast and that also only from the router to the clients. Clients to router is again handled like all other unicast traffic.

terracottalite
n00b
Joined: 11 Feb 2023
Posts: 5

Posted: Wed Aug 16, 2023 11:35 am

OK, so something is seriously wrong?

Code:
terra@argon ~ $ ping 9.9.9.9
PING 9.9.9.9 (9.9.9.9) 56(84) bytes of data.
64 bytes from 9.9.9.9: icmp_seq=1 ttl=56 time=48.0 ms
64 bytes from 9.9.9.9: icmp_seq=2 ttl=56 time=47.5 ms
^C
--- 9.9.9.9 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 47.530/47.780/48.030/0.250 ms
terra@argon ~ $ dig @9.9.9.9 www.google.de

; <<>> DiG 9.16.42 <<>> @9.9.9.9 www.google.de
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached


Code:
terra@argon ~ $ ping 77.88.8.8
PING 77.88.8.8 (77.88.8.8) 56(84) bytes of data.
64 bytes from 77.88.8.8: icmp_seq=1 ttl=49 time=91.9 ms
64 bytes from 77.88.8.8: icmp_seq=2 ttl=49 time=90.9 ms
^C
--- 77.88.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 90.884/91.375/91.866/0.491 ms
terra@argon ~ $ dig +trace www.google.de

; <<>> DiG 9.16.42 <<>> +trace www.google.de
;; global options: +cmd
;; connection timed out; no servers could be reached


Code:
terra@argon ~ ping localhost
PING localhost(localhost (::1)) 56 data bytes
64 bytes from localhost (::1): icmp_seq=1 ttl=64 time=0.085 ms
64 bytes from localhost (::1): icmp_seq=2 ttl=64 time=0.096 ms
^C
--- localhost ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1052ms
rtt min/avg/max/mdev = 0.085/0.090/0.096/0.005 ms
terra@argon ~ $ dig @127.0.0.1 www.google.de

; <<>> DiG 9.16.42 <<>> @127.0.0.1 www.google.de
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached


My router also has a DNS
Code:
terra@argon ~ $ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=3.71 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=1.53 ms
^C
--- 192.168.1.1 ping statistics ---
3 packets transmitted, 2 received, 33.3333% packet loss, time 2006ms
rtt min/avg/max/mdev = 1.527/2.616/3.706/1.089 ms
terra@argon ~ $ dig @192.168.1.1 www.google.de

; <<>> DiG 9.16.42 <<>> @192.168.1.1 www.google.de
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached


Edit: After `wpa_cli reconfigure`
Code:
terra@argon ~ $ dig @9.9.9.9 www.google.de

; <<>> DiG 9.16.42 <<>> @9.9.9.9 www.google.de
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37558
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.google.de.         IN   A

;; ANSWER SECTION:
www.google.de.      300   IN   A   216.58.208.99

;; Query time: 57 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Wed Aug 16 14:35:55 +03 2023
;; MSG SIZE  rcvd: 58

terracottalite
n00b
Joined: 11 Feb 2023
Posts: 5

Posted: Wed Aug 23, 2023 8:16 am

OK, turns out the problem isn't with just DNS.

When the internet is down: I can ping 142.250.74.142 (Google's IP at the time of writing). But when I try to connect to the website using Firefox or do anything like that it fails.

Code:
terra@argon ~ $ ping 142.250.74.142
PING 142.250.74.142 (142.250.74.142) 56(84) bytes of data.
64 bytes from 142.250.74.142: icmp_seq=1 ttl=113 time=68.8 ms
64 bytes from 142.250.74.142: icmp_seq=2 ttl=113 time=68.6 ms
^C
--- 142.250.74.142 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 68.639/68.715/68.791/0.076 ms
terra@argon ~ $ wget '142.250.74.142'
--2023-08-23 11:10:59--  http://142.250.74.142/
Connecting to 142.250.74.142:80... failed: Connection timed out.
Retrying.


Maybe I should check what wpa_cli reconfigure actually does.

In the meantime I also tried:
  • using gentoo-kernel-bin, and the problem is there too. So it isn't a kernel thing.
  • dig +tcp and dig +notcp, so it isn't specifically TCP or UDP.


Edit: I checked the wpa_supplicant source code; `wpa_cli reconfigure` comes down to `wpa_supplicant_reload_configuration` in `wpa_supplicant.c`. It looks like it wouldn't be much different from `rc-service wpa_supplicant restart`.
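
The layer-by-layer isolation worked through in this thread (ping, then dig over UDP and TCP, against the router and public resolvers), written as an added example that is not part of any post. The resolver IPs and query name are the ones the posts used; the timeouts, verdict labels and the `run` argument are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: probe each resolver over ICMP, UDP and
# TCP, then name the layer that fails. Resolver IPs and the query name are the
# ones used in the thread; timeouts and verdict labels are assumptions.
RESOLVERS="192.168.1.1 9.9.9.9 77.88.8.8"
NAME="www.google.de"

# Probes print "ok" or "fail". dig exits 0 on any reply (even NXDOMAIN) and 9
# when no server answered, so its exit status measures reachability only.
probe_icmp() { ping -c 2 -W 2 "$1" >/dev/null 2>&1 && echo ok || echo fail; }
probe_udp() {
  dig +notcp +time=2 +tries=1 "@$1" "$NAME" >/dev/null 2>&1 && echo ok || echo fail
}
probe_tcp() {
  dig +tcp +time=2 +tries=1 "@$1" "$NAME" >/dev/null 2>&1 && echo ok || echo fail
}

# classify ICMP UDP TCP -> verdict for one server (pure, no network access).
classify() {
  case "$1/$2/$3" in
    ok/ok/ok)       echo healthy ;;
    fail/fail/fail) echo unreachable ;;    # nothing passes: link or routing
    ok/fail/fail)   echo icmp-only ;;      # ping answers, DNS times out
    */fail/ok)      echo udp-dropped ;;    # DNS works only over TCP
    */ok/fail)      echo tcp-dropped ;;
    fail/ok/ok)     echo icmp-filtered ;;  # server ignores ping, DNS is fine
    *)              echo unknown ;;
  esac
}

# scope VERDICT... -> compare the verdicts of all servers.
scope() {
  first=$1 same=yes
  for v in "$@"; do [ "$v" = "$first" ] || same=no; done
  if [ "$same" = no ]; then echo per-server     # servers differ: look upstream
  elif [ "$first" = healthy ]; then echo none
  else echo "common:$first"   # router included: suspect host or first hop
  fi
}

main() {
  verdicts=""
  for s in $RESOLVERS; do
    v=$(classify "$(probe_icmp "$s")" "$(probe_udp "$s")" "$(probe_tcp "$s")")
    printf '%-12s %s\n' "$s" "$v"
    verdicts="$verdicts $v"
  done
  # Word splitting of $verdicts is intended here.
  printf 'scope: %s\n' "$(scope $verdicts)"
}

# Probes run only on request, e.g. from cron while the fault is present.
if [ "${1:-}" = "run" ]; then main; fi
```

A result of `common:icmp-only` corresponds to what the posts above report: ping succeeds while dig times out against both the router and 9.9.9.9.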