I do a bit of technical support for a small retail antique shop customer. Most of the most of the callouts are fairly routine but once in a while a strange little problem will appear. The symptoms of this issue are the inability of web browsers to reach webpages and sometimes Email connection failures (but not necessarily both at the same time). Firefox and Chrome are the two web browsers used to cross check web page connections.
Configuration is single BT broadband networking with BT Hub acting as a router. The connection from the PC to the hub is wired but the hub also provides a Wi-Fi service around the shop. There had been some account problems at BT but these been resolved. The PC has AVAST antivirus installed with a paid and up-to-date subscription.
When the particular occurs the Wi-Fi service still works correctly providing webpages and app updates. This would indicate that the problem is within the PC or connection to the hub. To confirm that the problem is directly within the PC the old-fashioned command line tools nslookup and ping were used. Also, the hub has a direct IP address to connect to obtain its status.
 |
| When the fault is *not* apparent both nslookup and ping work correctly. |
 |
| During a failure the nslookup fails but the ping to an IP address works. |
The AVST software thinks there is a total network failure but there is not. ( ping works )
During this time the Email service continues, probably because it has done the DNS look ups that are needed for the service during the time that DNS is working.
 |
During a failure situation the windows network diagnostics indicates a DNS service failure. This diagnosis matches the behaviour (ping works) above and as such rules out total network connection failure.
|
|
 |
| Most telling the AVST service shows an ability to monitor DNS/DoH scanning. |
This was disabled as part of the problem resolution process.
 |
| These are the network adapters showing. The AVAST Secureline is infrastructure for an unused VPN service. |
When the system is rebooted, the network services typically recover but fail again within a few hours or days. But what we have here is an example of a specific DNS service failure. Either something is interfering with the DNS service or the DNS service itself is not functioning properly. I would think it's unlikely to be the latter because the Wi-Fi service continues unaffected during the time that this fault is occurring this lead to the conclusion that something on the machine itself is interfering with the DNS service.
As of 14 Oct 2024
The remediation process was to set the DNS servers for the network adapter in use to be the gold standard 8.8.8.8 (Google main service) and as back up 208.67.222.222 from OpenDNS. Also the DNS/DoH scanning was disabled ( as shown above). At this point, we are awaiting a recurrence of the issue. If the issue does not re occur, we will reenable DNS/DoH scanning and if after that the problem reoccurs we will be phoning up Avast fairly quickly to show them the problem we have.
The useful suggestion was made to use the ipconfig command to gather more details.
No comments:
Post a Comment