Thread Info
  • State Verified Answer
  • Replies 21 replies
  • Subscribers 5 subscribers
  • Views 36498 views
  • Users 0 members are here
Options
Suggested

fqdn.log - Intermittent Internet DNS issue

lferrara

With v17 beta1,

I am having randomly dns issue and so web surfing is not working sometimes. from FQDN.log:

SFVH_SO01_SFOS 17.0.0 Beta-1# tail -f fqdnd.log
ERROR     Sep 16 02:40:49 [4149352192]: addOrUpdateFQDNCache: FQDN Host : dropboxapi.com DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:40:58 [4149352192]: addOrUpdateFQDNCache: FQDN Host : push.apple.com DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:41:01 [4149352192]: addOrUpdateFQDNCache: FQDN Host : sharefileftp.com DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:41:01 [4149352192]: addOrUpdateFQDNCache: FQDN Host : sharefile-webdav.com DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:41:01 [4149352192]: addOrUpdateFQDNCache: FQDN Host : osdimg.com DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:41:04 [4149352192]: addOrUpdateFQDNCache: FQDN Host : dropboxdocs.com DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:41:04 [4149352192]: addOrUpdateFQDNCache: FQDN Host : boxlocalhost.com DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:41:04 [4149352192]: addOrUpdateFQDNCache: FQDN Host : boxcdn.net DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:41:04 [4149352192]: addOrUpdateFQDNCache: FQDN Host : sf-api.com DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:41:13 [4149352192]: addOrUpdateFQDNCache: FQDN Host : content.force.com DNS query error; retry after retry_interval_on_error = 30  seconds...
ERROR     Sep 16 02:41:15 [4149352192]: addOrUpdateFQDNCache: FQDN Host : sf-api.eu DNS query error; retry after retry_interval_on_error = 30  seconds...
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
ipset v6.14: Element cannot be deleted from the set: it's not added
^C

Is this a normal behaviour?

Thanks

  • 0

    Still having a lot of issue with DNS on XG. I tried to use XG as DNS or using external DNS, same behaviour. Pages are not loading sometimes.

    If the issue persists, I will revert back to v16.

    Regards

  • 0 in reply to lferrara

    ERROR     Sep 17 08:31:53 [4150089472]: addOrUpdateFQDNCache: FQDN Host : osdimg.com DNS query error; retry after retry_interval_on_error = 30  seconds...
    ERROR     Sep 17 08:31:56 [4150089472]: addOrUpdateFQDNCache: FQDN Host : boxlocalhost.com DNS query error; retry after retry_interval_on_error = 30  seconds...
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 18-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 31-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 17-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 21-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 3-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 49-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 29-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 41-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 27-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 22-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 11-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 2-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 44-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 25-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 38-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 40-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 36-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 15-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 48-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : www.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:00 [4150089472]: FQDN Host : 12-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:02 [4150089472]: FQDN Host : 35-courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:02 [4150089472]: FQDN Host : courier.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:02 [4150089472]: FQDN Host : client-s.gateway.messenger.live.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:02 [4150089472]: FQDN Host : gs-loc.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:02 [4150089472]: FQDN Host : 10-courier.sandbox.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:02 [4150089472]: FQDN Host : 1-courier.sandbox.push.apple.com DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:03 [4150089472]: FQDN Host : d2did1ej1vlb4r.cloudfront.net DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:03 [4150089472]: FQDN Host : d5phz18u4wuww.cloudfront.net DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:03 [4150089472]: FQDN Host : d1l7ylfxkjjjjf.cloudfront.net DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:03 [4150089472]: addOrUpdateFQDNCache: FQDN Host : sharefileftp.com DNS query error; retry after retry_interval_on_error = 30  seconds...
    ERROR     Sep 17 08:32:03 [4150089472]: addOrUpdateFQDNCache: FQDN Host : sf-api.com DNS query error; retry after retry_interval_on_error = 30  seconds...
    ERROR     Sep 17 08:32:03 [4150089472]: addOrUpdateFQDNCache: FQDN Host : sf-api.eu DNS query error; retry after retry_interval_on_error = 30  seconds...
    ERROR     Sep 17 08:32:04 [4150089472]: FQDN Host : d1zf2p7ylo2ros.cloudfront.net DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:05 [4150089472]: addOrUpdateFQDNCache: FQDN Host : staticforce.com DNS query error; retry after retry_interval_on_error = 30  seconds...
    ERROR     Sep 17 08:32:05 [4150089472]: addOrUpdateFQDNCache: FQDN Host : sharefile-webdav.com DNS query error; retry after retry_interval_on_error = 30  seconds...
    ERROR     Sep 17 08:32:06 [4150089472]: FQDN Host : join.me DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:06 [4150089472]: FQDN Host : dk9ps7goqoeef.cloudfront.net DNS response error,  server=127.0.0.1" return value = -1
    ERROR     Sep 17 08:32:06 [4150089472]: addOrUpdateFQDNCache: FQDN Host : push.apple.com DNS query error; retry after retry_interval_on_error = 30  seconds...

  • 0 in reply to lferrara

    Hi Luk,

    I have checked my v17b and using the XG as the DNS via the DHCP assignment also changed the DNS setting of the XG but did not see any of those errors.

    Which log file are you seeing the errors? Is yours an upgrade or a fresh install?

     

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Hi,

    The Error logs are common and does not have any issue with that.

    Please share the page details, which is not able to load sometime

     

    Regards,

    Deepti Bhavsar

  • 0 in reply to lferrara

    Hi Luk, all the websites in your first post don't have "A" records. The logging should probably clearly log that instead of the dns error message. I do agree that randomly the websites fail to load without any logs to back up the problem. Maybe it is related to the large amount of unidentified traffic discussed here https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/sfos-v170-beta/f/sfos-v170-beta-feedback/95909/fw-log-could-not-assocate-packet-to-any-connection-when-ips-enabled 

    @ Ian, he is looking at fqdn.log in the /log directory

  • 0

    These are all debug level events, not actual errors, as mentioned. We'll clean up the logging, and hide these unless more verbose debug logging is enabled. 

    Thanks for pointing it out.

  • 0 in reply to AlanT

    Thanks Alan. In my case I am not able to surf on v17 beta. I am able to surf of Community and write this reply but all other websites are not loading correctly. I have a DNS resolution on my beta box. Pinging www.google.com does not work on computer behind XG and on XG itself.

    I tried to use public DNS same thing (a firewall rule where dns is allowed has been created). Reverting back to v16.5 MR7, resolves the issue.

    No one has this issue. Let me know what logs I can provide. TCPDUMP "port 53" does not return nothing. I go back to MR7 (sorry).

    Thanks

  • 0 in reply to lferrara

    The errors you posted won't be related to it. they're not actual service failures, but just informational output. do you have any other logs from the system when this was happening? 

  • 0 in reply to AlanT

    AlanT,

    if I can have a look at other logs, let me know which one. tcpdump port 53 output gives no results, there is a bug/issue somewhere.

  • 0 in reply to lferrara

    I don't think the DNS log is related to web browsing issues.

    Can you please include the tail of /log/http.log.  In addition, can you hit F12 in your browser, go to network, and load one of the "blank" pages.  I'd like to see if it "200 OK" or something else.

Unfiltered HTML