really weird DNS problem in Ubuntu {after one month, seems like ISP problem}

I been having this random dns problem, in Ubuntu 10.04 and in 10.10 it started about 2 weeks ago after (I believe) an update.

Basically when I go to a website randomly I get that the website I'm visiting is not available ("Oops! Google Chrome could not connect to ..." & "This webpage is not available.").

I tested with Chromium "7.0.515.0 (58587)" and Firefox minefield (4.0ish) and 3.6.9.

I did these 4 things already:

/etc/default/grub GRUB_CMDLINE_LINUX="ipv6.disable=1"

and this:

/etc/sysctl.conf

net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1

*disabling Chromium DNS pre-fetching

*using Google and OpenDNS servers as well as ISP DNS servers.

But didn't improve, also no other computers in my network have the same problem. All computer wired to the same router.

I'm a software engineer that run out of ideas, please help me.

Thanks in advance.

UPDATE: some programs (synaptic / firefox update/ vuze(azureus)) say connection refused for the error. Most of the time a second try will fix the "refusal".

UPDATE2: I found out with Wireshark, that everytime I have this problem i've got this

192.168.0.10 8.8.8.8 ICMP Destination unreachable (Port unreachable)

Confirmed an ISP error. ISP;Speedy Location: Argentina, Buenos Aires (capital Federal) Area.

OmniWired

Posted 2010-09-06T03:52:11.107

Reputation: 133

Are you pulling an IP address via DHCP, or do you have a static IP? When you say that you are randomly seeing the "oops..." messages, does that mean randomly while accessing one site - or randomly accessing various sites? Can you give examples of sites that work, and one's that do not? I'd rule out search domain issues, etc. – Matt – 2010-09-06T15:21:09.043

Static IP (Always), but also tried with a DHCP given IP. Same thing happens with various sites, from google to xda-developers, it doesn't matter which site. – OmniWired – 2010-09-06T16:34:50.287

knowing your DNS servers from the entries in /etc/resolv.conf, is dig www.google.com @<DNS-server> giving you any (random) errors? – MaoPU – 2010-09-07T08:47:21.763

No, I don't get random errors, this is what makes me think is a lib error. – OmniWired – 2010-09-07T18:06:29.300

Answers

This problems happen when a ISP don't do their job properly.

Basically the transparent proxy sends a RST response and cuts the TCP session.

The workaround is to use a custom made proxy that retries when the RST flag is detected.

This is the proxy:

http://code.google.com/p/hammerofthor/

I hope this fix the problem for other problem, in others countries maube, with the same problem.

I feel the need to say that this doesn't fix the problem, given that the issue is in the "transparent proxy" that runs the ISP. But this stops the problem by making a re try attempt automatically.

This is the IPTABLES WAY:

iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -m recent --set --name thor --rdest -j ACCEPT
iptables -A INPUT -p tcp -m tcp --tcp-flag RST RST -m state --state ESTABLISHED -m recent --name thor --rcheck --rsource --seconds 1 -j DROP

OmniWired

Posted 2010-09-06T03:52:11.107

Reputation: 133

Have you tried powercycling the router/modem yet? Yes, I know, its not ubuntu-specific, but it could be causing these sorts of errors.

Ryan Gooler

Posted 2010-09-06T03:52:11.107

Reputation: 1 844

no fix, the same machine in windows works fine. Maybe is a ISP provider? even if i'm not using their DNS servers ? – OmniWired – 2010-09-15T23:57:46.287

If you are having problems with your ISP, you could try some third party DNS servers. For example there is OpenDNS and Google Public DNS.

AndrejaKo

Posted 2010-09-06T03:52:11.107

Reputation: 16 459

1you should read the post again.(is written that I'm using those DNS) This is a problem (it seems) with the transparent proxy... some people say. Maybe is at the transport layer, who knows... – OmniWired – 2010-09-25T11:10:59.690

1Why did you answer to use what he said it wasn't working? – Saikios – 2010-09-26T20:08:13.397

Googling my own DNS problem, I came here. None of the above helped me. We moved our webhost to a new, dedicated server and nothing could find it from the LAN. /etc/hosts changes weren't working, nothing.

Our firewall server has bind9 and in /etc/bind/, there was a file with the domain as part of the file name. I edited that reflecting the new IP. Now nslookup works correctly for us.

Chris K

Posted 2010-09-06T03:52:11.107

Reputation: 923