WinGate Forums

[rdunn]

Hi All-

Running wingate 6.2.2 build 1137, w2k.

Been getting many messages in my Client tab:

DNS: A lookup "msn.soundsgood.com"

These messages eventually kill internet performance and I have to reboot the offending client pc and the wingate server. The client pc user never tries to access the above site. So I think:

1) one of the sites the user is accessing (typically Yahoo and ebay) is trying to resolve this link.

2) Other software on the pc is trying to resolve this link in the background.

Client pc uses MacAfee antivirus and site advisor.

I have cleared the wingate dns cache and still no joy. While I realize that this is not a wingate issue per se, I would like to have my wingate server not be brought down by these "dead links" or whatever sites like msn.soundsgood.com are. I tried to find a way to make the wingate server ignore these failed requests, but could not. I'm afraid wingate has spoiled me. Been running it "turn key" for years without having to delve into the mysteries of dns, dhcp,etc.. Now that I have a problem, I don't know how to fix it!

Any help would be greatly appreciated.

-Bob

[Nev]

Hi,

Also had this once today, had to kill Wingate process to avoid a server reboot.

Out of interest is the client a Vista x86 machine? - was here whole place was locked up from the Internet.

[rdunn]

Thanks for the reply-

No, in my case the client was running XP. Problem seems to be intermittent. Has not happen at all today with the user doing pretty much what they do every day. I remember this happening a few months ago, but for a different link (can't recall which one). That seemed to go away by itself also. The only thing I did was to purge/empty the DNS cache. At the time, it didn't seem to make a difference. So I doubt if that really fixed anything.

Will keep plugging away ad let you know if I come up with something solid. In the mean time, would appreciate any ideas from forum members.

-Bob

[corneg]

Can someone help with this? It started on my network about two weeks ago and now it happens once a day. The server then sends hundreds of mb of traffic before I realise there's a problem and internet performance grinds to a halt.

[Nev]

Can someone help with this? It started on my network about two weeks ago and now it happens once a day. The server then sends hundreds of mb of traffic before I realise there's a problem and internet performance grinds to a halt.

Hi,

That doesn't sound good, not sure I can help but as a thought:

Remove all unessential logging from services
Limit or remove caching

Have you any plugins running on this machine?

[corneg]

I've disabled caching on DNS/WINS resolver... will monitor the server and post feedback soon... thanks.

[corneg]

Nope, It's still doing it... I've attached a screenshot... It will keep trying to resolve it until I stop and start the Wingate Engine...? By the way, the address it's trying to resolve is not a page the that was accessed directly, it was probably embedded on a page visited on the client pc...

[vasilis]

Nope, It's still doing it... I've attached a screenshot... It will keep trying to resolve it until I stop and start the Wingate Engine...? By the way, the address it's trying to resolve is not a page the that was accessed directly, it was probably embedded on a page visited on the client pc...

Hi these days i had the same problem with WG, i face it by deleting any dns server i had entered in dns / wins resolver.
Also check to see if you have configured DHCP server to give any dns servers as suplamentary information
I hope this to help....

[corneg]

I've never specified any DNS Server. I did this morning because I hoped it might solve the problem but no luck...

[rustytx]

I do believe this is a Wingate issue.

We've been using Wingate for years on a Windows 2003 SBS box and it never happened. We needed to replace the hardware so we moved Wingate (with a registry merge) to its new home on an XP Pro box late last week. Now we also get the DNS loops that kill Wingate and overlaod both of our DNS servers intermittently (300-500 dns requests per second).

In our case its a simple DNS lookup for F-Secure from a network PC that seems to confuse things.

We have tried:

1. Disconnecting the originating PC to verify that the problem is within wingate - stoppping the PC has no effect on wingate's constant DNS looping
2. Tried having the DNS servers entered into wingate manually and also without (no change)
3. Disabled DNS services on XP
4. Tried various combinations of adding and removing the DNS server addresses in both network connections (no change)

Only stopping wingates DNS service stops the flood, but obviously the firewall no longer works.

Ideas???

[Nev]

Ideas???

Probably not but, the internal NIC in the Wingate box does it have Wingate's IP as an address for DNS?

This can cause a DNS loop, so the entry should be blank.

[rustytx]

Thanks Nev. We double checked this and still can't find a reason for the loops.

We unfortuantely lost the older version of Wingate that we were using during the upgrade to the new box (which did not have this issue). We started this time with 6.22xxx and found a copy of 6.1xxx on the web and tried it as well - no joy.

[jamescap]

DNS loops are not a good scene. Maybe if anyone else has this kind of issue, then they can post some hard facts about their setup; as a forum user I would be asking questions like this:

1. Is this network in an Active Directory Environment?
2. If it is, where is the AD DNS Server/What is the IP Address.
3. If there is an AD DNS Server, does it have any ip address listed in its Forwarder tab; what is that ip address(s).
4. Is there are any other DNS server on the local network; does it forward to WinGate, and what is its ip address.
5. Are you able to post on the forum the WinGate servers ipconfig; and if there are public ip addresses in that information then you should mask them for your own security.
(Windows) Start menu --> run --> ipconfig/all > c:\ipa.txt
6. Let the forum know if there are any addresses currently listed in:
GateKeeper --> DNS / Wins Resolver --> DNS
(Windows) Start menu --> Programs --> WinGate --> Advanced Options --> DNS Servers
7. If this kind of problem happens for one user/computer, then what’s the difference between their computer and others that do not cause this issue; do they have different DNS settings or some unique software/website that is playing up; i.e. how do other forum users replicate this and hence verify the problem.
8. What version of WinGate are you currently using.

Generally, loops occur because of the following scenario, as mentioned in the WinGate help file "Configuring WinGate in an Active Directory"

Active Directory Environment.
WinGate Server has the AD DNS Server listed on one of its network cards so it knows how to find domain specific resources.
AD DNS Server is setup to forward to WinGate, and when it sends a request to WinGate, Wingate sends the request back to the AD DNS Server and the loop occurs - that's why we need to do a setting in WinGate so to not use that AD DNS Server:
(Windows) Start menu --> Programs --> WinGate --> Advanced Options --> DNS Servers
*This setting above should not be confused with the option found in GateKeeper --> DNS / Wins Resolver --> DNS - that option is for overriding any DNS Servers listed on the WinGate server's network cards; it could fix the problem, but generally you would want to let WinGate get the settings from the network cards.

[mike_k]

I can't get the client pcs to use wingate DNS, always shows dns lookup and never resolves the ip. BUT, if i use a gsm broadband connect pen (dialup) it works.
The difference i found is that the dsl router has different gateway and ip addresses and the usb pen doesnt. Wingate translates incorrectly (i think) the routing table. On the first case, it routes everything to the adapter ip address instead of the gateway address that resolves the domains. Also, i can make it work if using directly the gateway ip address of the router on each client pc...

My network system configurations are
ethernet adapter connected to router DSL (assigned by DHCP)
default gateway: 192.168.1.254
ip: 192.168.1.64
dns: 192.168.1.254
configured as external on WG

local ethernet adapter
ip: 10.0.0.1
gateway: blank
dns: blank
configured as internal

client computer
ip: 10.0.0.2
gateway: 10.0.0.1
dns: 10.0.0.1 (doesnt work)
dns: 192.168.1.254 (works but should be wg doing this dns)

[logan]

That doesn't sound related to DNS looping. Maybe you should make a new post for that topic.