Tutor
•
25 Messages
Stop DNS hijack and ping?
When the fiber side of the modem goes down due to a cable issue or hardware failure outside the premises, the BGW320-505 modem hijacks DNS and gives the false impression to my router that the network is still up. The modem resolves any character string whatsoever to its own local IP address and responds to ping. Disabling the DNS Error Assist (oddly described as a "privacy choice") only disables the web server in the modem that would otherwise throw up a helpful webpage when the network is down; but it does not disable the fake DNS server. How can the fake DNS be disabled or circumvented (such that pings fail when the network is down)? Even pinging a WAN IP address is answered by the modem when the network is down! With the current state of affairs, my router has no way to know when to failover to a backup WAN.
JefferMC
ACE - Expert
•
36K Messages
5 months ago
Strange, while I know of the DNS Error Assist "feature" (and have also turned it off), I do not have any of the issues you have with DNS or ICMP highjacking. Are you using the gateway as your DNS server?
0
0
Gomer111
Tutor
•
25 Messages
5 months ago
No, my router is configured to use 8.8.8.8 and 1.1.1.1.
0
0
thechef1
Tutor
•
484 Messages
5 months ago
DNS Error Assist has nothing to do with the web server in the modem.
0
JefferMC
ACE - Expert
•
36K Messages
5 months ago
When the gateway loses connection to the Internet, I have seen it intercept 80/443 requests and try to display a connection down page; this is not done by replying to the DNS requests with the gateway's IP, it is done by intercepting the HTTP requests on their way to the real host when there's no route to the real host. It should be noted that the 443 responses are normally eaten by the browser due to it detecting a cert mismatch.
It's only possible if the DNS names are cached on the client because there will be no resolution without a path to the DNS servers. Likewise, ICMP requests will likely get an error return.
(edited)
0
0
Gomer111
Tutor
•
25 Messages
5 months ago
The helpful webpage is only displayed if DNS Error Assist is enabled. No DNS caching is involved at all. When the fiber side is down, the modem resolves any frigging character string to its own IP address. “Any” is not an exaggeration. The modem should not hijack DNS but especially if DNS Error Assist is disabled.
0
0
Gomer111
Tutor
•
25 Messages
5 months ago
The modem should also not hijack ICMP.
0
0
thechef1
Tutor
•
484 Messages
5 months ago
The modem has no awareness of DNS Error Assist.
0
JefferMC
ACE - Expert
•
36K Messages
5 months ago
Agreed, and I have never known it to.
0
Gomer111
Tutor
•
25 Messages
5 months ago
Disabling DNS Error Assist in the web privacy choices configures the modem to stop displaying the helpful webpage when the fiber side goes down. Unfortunately this setting doesn't also disable the fake DNS when the fiber is down.
0
0
JefferMC
ACE - Expert
•
36K Messages
5 months ago
You keep stating your beliefs as if they were accepted facts, but they're just that: "your beliefs."
0
0