My DNS setup BROKEN by V1.20(ABWV.0)

PeterUK
PeterUK Posts: 3,461  Guru Member
100 Answers 2500 Comments Friend Collector Seventh Anniversary
edited April 22 in USG FLEX H Series

USG FLEX 200H V1.20(ABWV.0)

Just upgraded and already problems that are not in V1.10 which I did found and report when I was testing 110ABWV1ITS-M3715 and 110ABWV1ITS-24WK05-M3737.bin which now need to be fixed in order for my to test more.

I will post a setup of the problem in a bit...I did notch the enable toggle for Global Zone Forwarder which looks interesting but really wanted the option of auto added DNS to be disabled not the whole thing!

So in V1.10 My DNS worked fine 192.168.255.193 would send to 192.168.255.235 then my defined DNS via VLAN53 in FLEX would send to my BIND server gets a answer sends it back to FLEX then back to client inV1.20 192.168.255.193 would send to 192.168.255.235 then nothing when using nslookup however due to another bug the browser tries more aggressively again and again to do the lookup and the FLEX then send out the DNS request

Note I block the AUTO added DNS upstream so that only my defined DNS via VLAN53 is the only one it should use.

All Replies

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Ok so a update it seems you have done something about how the device registered wanting to use my ISP DNS which I blocked causing this problem if I unplug GE2 WAN2 then LAN to WAN3 runs DNS fine and with HTTPS Domain Filter enabled which is odd.

    Question now is what happens when I scan QR code get the device registered then connect my ISP GE2 up with my ISP DNS still blocked…

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited April 19

    Some thing very wrong is going with the FLEX seeing a WAN IP on Ge2 I was thinking it was to do with the auto added DNS but I have tried entering a fixed IP of the IP I'm on for testing and still a problem. But when I unplug Ge2 with LAN not routed to go out WAN2 g2 for LAN to go Ge3 WAN3 it all runs fast plug in Ge2 its slow.

    I'm loss on this one...

    Edit

    Not 100% but it seems the User-Defined Trunk I made that worked fine in V1.10 but not it this V1.20 so I made some changed to it to have all active and least load first not sure why it caused all this trouble.

    still a problem until I unplug ge2…

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited April 19

    It seems as if if you have more then 2 WAN's linked online it cause problems? if plugged in I run WAN2 and VLAN443 all is fine if I run WAN3 and VLAN443 all is fine but if I run all 3 their are web page delays problems

  • Zyxel_Joshua
    Zyxel_Joshua Posts: 62  Zyxel Employee
    5 Answers First Comment Friend Collector Sixth Anniversary
    edited April 19

    Hi @PeterUK ,

    wanted the option of auto added DNS to be disabled

    You can use CLI to disable DHCP option request for the DNS server.

    flex100h> edit running
    flex100h running config# del / vrf main interface ethernet ge2 ipv4 dhcp request domain-name-servers
    flex100h running config# commit
    Configuration committed.
    flex100h running config# copy running startup
    Overwrite startup configuration? [y/N] y
    flex100h running config# show config vrf main interface ethernet ge2 ipv4

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited April 19

    Thanks good to know you can disable  auto added DNS.

    still a problem if too many WAN interfaces are online