Firewalla Purple SE Intermittent DNS Failure
I have had a Firewalla Purple SE in Router Mode between my Wi-Fi Access Point and my DSL modem for almost a year with no problems (using Native mode Family Protect). But in the last few months multiple devices will have DNS lookup failures maybe once or twice a day. After about 10-20 seconds, the DNS lookups start to work again. I have seen this both on our Pixel 8 phones and also on my Windows desktop. I tried switching the DNS hosts in the DSL modem to Google/Cloudflare instead of the ISP defaults, and have also tried disabling IPv6, but still see the same issue. When it is in a bad state, I can still ping the DNS host, but nslookups will fail. Any ideas?
-
Not using any DNS Services (no Unbound, no DNS over HTTPS, no Custom DNS Rules).
Using some local rules, Ad Block, Family Protect (Native mode), and Safe Search.
LAN side Primary DNS is set to 192.168.15.1 (which is the Firewalla), no secondary DNS.
WAN side no Primary or Secondary DNS set in Firewalla app, but it is using Primary 192.168.0.1 (which is the DSL modem) and Secondary 1.1.1.1 (Cloudflare, which is the primary DNS set up on the DSL Modem)
-
As a summary for others:
School Chromebook is sometimes issuing a burst of >5k DNS requests in <60s, causing the Firewalla to hit max CPU load and blocking DNS for all other clients. Have been able to capture the behaviour with tcpdump, analyze the results in dnstop and Wireshark, but have not been able to resolve since I have no permissions to change anything on the school Chromebook.
-
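Added example (not part of any post in this thread and not Firewalla's code): one way to spot the burst described in the summary above, by counting DNS queries per client in a sliding 60-second window over the text output of `tcpdump -tt -n udp dst port 53`. The 5000-per-60-seconds threshold comes from the summary; the client addresses and the capture itself are constructed sample data.

```python
import re
from collections import defaultdict, deque

# Matches one IPv4 DNS query line from `tcpdump -tt -n`, e.g.
# 1700000000.500000 IP 192.168.15.42.51234 > 192.168.15.1.53: 4242+ A? example.com. (29)
QUERY_RE = re.compile(
    r"^(?P<ts>\d+\.\d+) IP (?P<src>\d+\.\d+\.\d+\.\d+)\.\d+ > "
    r"\d+\.\d+\.\d+\.\d+\.53: \d+\S* (?:\[\w+\] )?\w+\? "
)

def peak_query_rates(lines, window=60.0):
    """Return {client_ip: most queries seen in any `window`-second span}."""
    recent = defaultdict(deque)   # client -> timestamps inside the current window
    peak = defaultdict(int)
    for line in lines:
        m = QUERY_RE.match(line)
        if not m:
            continue              # responses, IPv6 and unparsable lines are skipped
        ts, src = float(m["ts"]), m["src"]
        q = recent[src]
        q.append(ts)
        while ts - q[0] >= window:    # expire queries older than the window
            q.popleft()
        peak[src] = max(peak[src], len(q))
    return dict(peak)

def flooding_clients(lines, threshold=5000, window=60.0):
    """Clients whose peak exceeds `threshold` queries per `window` seconds."""
    rates = peak_query_rates(lines, window)
    return sorted(ip for ip, n in rates.items() if n > threshold)

def constructed_capture():
    """Constructed sample (not real data): one bursting client, one normal one."""
    base = 1700000000.0
    lines = [
        f"{base + i * 0.0075:.6f} IP 192.168.15.42.{40000 + i % 1000} > "
        f"192.168.15.1.53: {i % 65536}+ A? host{i}.example.com. (40)"
        for i in range(5200)      # 5200 queries in about 39 seconds
    ]
    lines += [
        f"{base + i * 2:.6f} IP 192.168.15.20.50000 > 192.168.15.1.53: {i}+ AAAA? example.org. (29)"
        for i in range(30)        # 30 queries spread over a minute
    ]
    lines.append(f"{base:.6f} IP 192.168.15.1.53 > 192.168.15.20.50000: 1 1/0/0 A 192.0.2.1 (45)")
    return sorted(lines, key=lambda l: float(l.split()[0]))

if __name__ == "__main__":
    print(flooding_clients(constructed_capture()))
```

-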
Did you ever get this figured out? I opened a support case and Firewalla was very responsive, however I never managed to "catch" it happening for long enough to do an nslookup. I just hear in passing from my kids "What did you do to the internet? It's slow".
I don't know if it's still occurring--I had a few hiccups recently but for all I know they were the ISP. Did you find a root cause? Thanks
-
@keith, are you using a Purple SE as well? What we found from OP's case was exactly as he described: there is a huge burst of 5k DNS requests, and that somewhat cluttered the system. There really isn't much we can do.
Are you having the same problem with DNS requests being flooded? If not, what you can do is look at this article; it may give some clues as to whether your home network has problems: https://help.firewalla.com/hc/en-us/articles/4413511352083-Network-Performance-and-Quality-Monitoring
-
Thanks for the response! I am using a Purple SE, and gave you guys access to it for over a week. I assume if this was my problem, you would have seen that? I asked if my SE was adequate and was told yes.
I'll read that page when I'm home from work, thanks! Does it describe how I can detect this? I have a kid with a Chromebook at home too.
-
@keith, I did look at the ticket, and the support team did not feel the issue is DNS causing things to slow, and they wanted you to try turning off safe search and see if it will make things better. It is pretty rare to see Chromebooks going mad and doing 5k queries in a burst; this is abnormal for sure.
-
Thanks for looking that up. Please don't misunderstand--I'm very pleased with your support. But I do still have hiccups every once in a while on my main PC that I don't see on my work (VPN) machine. I turned safe search back on yesterday, as the main reason I got Firewalla was for my kids. We'll see if there is a noticeable change. Thanks!