Help - Routing did not change after changing DNS

[vishalk]

Hi guys,

am a bit stuck with this cousins system, he has an mtnl connection, sam300 router provided by mtnl, problem is that he put google public dns of 8.8.8.8 and 8.8.4.4 on his router and due to some reasons he had to change them, he reverted back to mtnl dns servers which for him are 59.185.0.50 and 59.185.0.23. ok probs, he changed it on the router and restarted, now when he pings yahoo.com he is getting the same routed pings he got on google public dns, his router has accepted the dns but the routing has not changed. what could be hampering? any suggestions, to let u know am attaching pings results

Pinging any-fp3-real.wa1.b.yahoo.com [98.139.180.149] w

Reply from 98.139.180.149: bytes=32 time=298ms TTL=52

Reply from 98.139.180.149: bytes=32 time=314ms TTL=52

Reply from 98.139.180.149: bytes=32 time=299ms TTL=52

Reply from 98.139.180.149: bytes=32 time=312ms TTL=49

Reply from 98.139.180.149: bytes=32 time=301ms TTL=49

Reply from 98.139.180.149: bytes=32 time=379ms TTL=52

Reply from 98.139.180.149: bytes=32 time=352ms TTL=52

[mod]Please use descriptive thread titles[/mod]

 

[boogeyman]

Changing the DNS server doesn't change the routing of traffic on the internet. DNS is just a name resolution mechanism. It provides the IP address which is associated to a host-name. The way for your traffic to reach that IP address on the internet will remain the same. (Unless if you changed ISP's or if the ISP changed something). HTH

 

[vishalk]

thanks for the reply, b4 going to google dns, he had the mtnl ones and his pings were diff i mean the ip's were very diff like 67.xx.xx.xx now could eset smart security be playing up if thats installed? i know i can uninstall it and chk it out but its a pain travelling to him and sorting him out, hence i started this thread here which easily helps me think and determind if i've missed out something

 

[the_one]

have you tried resetting the modem and then entering the DNS....

 

[nRiTeCh]

Yup eset does block the network traffic by default by making your computer set to private and no public sharing. You can try switching to public open network in eset or st disbale your windows firewall and eset at the same time and see the results.

 

[boogeyman]

thanks for the reply, b4 going to google dns, he had the mtnl ones and his pings were diff i mean the ip's were very diff like 67.xx.xx.xx now could eset smart security be playing up if thats installed? i know i can uninstall it and chk it out but its a pain travelling to him and sorting him out, hence i started this thread here which easily helps me think and determind if i've missed out something

It seems to me that the IP address returned for yahoo.com is different on Google's DNS and on MTNL's DNS. That is why when you do a "ping www.yahoo.com" on cmd, it resolves to different IP addresses depending on what DNS server you're using and then pings it. As a result, it gives you different latency readings.

You can test this by using nslookup to see what IP address is being returned by each server. Refer this article for more help in using nslookup: Using NSLOOKUP for DNS Server diagnosis

 

[vishalk]

thanks guys, i have tried even uninstalling eset it somehow seems some1 has managed to hack or bug his router as this one provided by mtnl has barely any protection. However, i find it hard for any1 to mod his router without changing routing. Sterlite routers have barely any security.

 

[boogeyman]

thanks guys, i have tried even uninstalling eset it somehow seems some1 has managed to hack or bug his router as this one provided by mtnl has barely any protection. However, i find it hard for any1 to mod his router without changing routing. Sterlite routers have barely any security.

I really doubt it is related to eset. Can you post the nslookup outputs for yahoo.com when you're using the 2 different DNS servers? See what IP address you're getting and then do "tracert yahoo.com" on each of them.

If eset was blocking, you're pings would've gone unanswered.

 

[vishalk]

I really doubt it is related to eset. Can you post the nslookup outputs for yahoo.com when you're using the 2 different DNS servers? See what IP address you're getting and then do "tracert yahoo.com" on each of them.

If eset was blocking, you're pings would've gone unanswered.

yup hi m8 have been to his place last night and heres the nslookup info u asked

C:\>nslookup Yahoo!

Server: mumns1.mtnl.net.in

Address: 59.185.0.23

Non-authoritative answer:

DNS request timed out.

timeout was 2 seconds.

Name: any-fp3-real.wa1.b.yahoo.com

Address: 98.139.180.149

Aliases: Yahoo!

fp3.wg1.b.yahoo.com

in-fp3-lfb.wg1.b.yahoo.com

any-fp3-lfb.wa1.b.yahoo.com

heres the tracert on that ip i got above

C:\>tracert 98.139.180.149

Tracing route to ir1.fp.vip.bf1.yahoo.com [98.139.180.149]

over a maximum of 30 hops:

1 3 ms 2 ms 2 ms 192.168.1.1

2 * * * Request timed out.

3 191 ms 408 ms 341 ms triband-mum-59.185.97.178.mtnl.net.in [59.185.

.178]

4 * 150 ms 296 ms triband-mum-59.185.97.181.mtnl.net.in [59.185.

.181]

5 * 341 ms 241 ms AES-Static-177.105.144.59.airtel.in [59.144.10

177]

6 * * 187 ms 182.79.252.161

7 628 ms 671 ms 643 ms ge-1-3-7.pat1.nyc.yahoo.com [216.115.96.86]

8 * * 697 ms ae-5.pat2.bfz.yahoo.com [216.115.96.67]

9 474 ms 596 ms 709 ms ae-3.msr2.bf1.yahoo.com [216.115.100.31]

10 367 ms 483 ms 438 ms xe-7-0-0.clr1-a-gdc.bf1.yahoo.com [98.139.128.

]

11 635 ms 716 ms 625 ms et-17-1.fab4-1-gdc.bf1.yahoo.com [98.139.128.4

12 * 653 ms 449 ms po-10.bas1-7-prd.bf1.yahoo.com [98.139.129.161

13 644 ms 694 ms 766 ms ir1.fp.vip.bf1.yahoo.com [98.139.180.149]

 

[boogeyman]

Didn't you try it on Google DNS? If you're finding it a PITA to physically go to his place, you can try out TeamViewer

 

[vishalk]

Didn't you try it on Google DNS? If you're finding it a PITA to physically go to his place, you can try out TeamViewer

arr heres with google dhs

C:\>nslookup

Default Server: google-public-dns-a.google.com

Address: 8.8.8.8

> nslookup Yahoo!

Server: any-fp3-real.wa1.b.yahoo.com

Addresses: 98.137.149.56

72.30.2.43

Aliases: Yahoo!

fp3.wg1.b.yahoo.com

any-fp3-lfb.wa1.b.yahoo.com

DNS request timed out.

timeout was 2 seconds.

DNS request timed out.

timeout was 2 seconds.

*** Request to Yahoo! timed-out

>

and heres traceroute

C:\>tracert Yahoo!

Tracing route to any-fp3-real.wa1.b.yahoo.com [72.30.2.43]

over a maximum of 30 hops:

1 <1 ms 1 ms <1 ms 192.168.1.1

2 * * * Request timed out.

3 * * 420 ms triband-mum-59.185.97.178.mtnl.net.in [59

.178]

4 385 ms 380 ms 376 ms triband-mum-59.185.97.181.mtnl.net.in [59

.181]

5 * * * Request timed out.

6 458 ms 325 ms 237 ms 125.62.187.185

7 422 ms 403 ms 298 ms if-11-0-0.core1.SVQ-Singapore.as6453.net

.214.5]

8 * * 637 ms if-2-2-0-0.tcore1.SVW-Singapore.as6453.ne

87.12.9]

9 579 ms * * if-6-2.tcore2.TV2-Tokyo.as6453.net [180.8

0]

10 * * 589 ms if-2-2.tcore1.TV2-Tokyo.as6453.net [180.8

]

11 * 481 ms 660 ms if-9-2.tcore2.PDI-PaloAlto.as6453.net [18

0.17]

12 * * 449 ms if-1-0-0-4.mcore4.PDI-PaloAlto.as6453.net

5.213.141]

13 505 ms 563 ms 665 ms ix-11-0-4.mcore4.PDI-PaloAlto.as6453.net

.213.130]

14 * 610 ms 641 ms ae-0-d211.msr2.sk1.yahoo.com [216.115.106

15 * 633 ms 643 ms te-8-1.bas-k2.sk1.yahoo.com [68.180.160.1

16 * 450 ms 469 ms ir1.fp.vip.sk1.yahoo.com [72.30.2.43]

Trace complete.

done on tv=teamviewer

 

[boogeyman]

There you go.

MTNL DNS is resolving www . yahoo . com to 98.139.180.149. Google DNS is resolving it to 72.30.2.43. Since they must be present physically in different parts of the world, you're getting different latency readings to each. I'm guessing they (yahoo) are doing this as a sort of load balancing mechanism for users located in different parts of the world.

 

[vishalk]

Hi,

yes aware of that but from my own residence where i have mtnl dns servers of 59.185.0.50 and 59.185.0.23 i get pings which start with 69.139.xx.xx and 67.137.xx.xx

so what worries me is the fact why is his dns behaving odd

 

[boogeyman]

Hi,

yes aware of that but from my own residence where i have mtnl dns servers of 59.185.0.50 and 59.185.0.23 i get pings which start with 69.139.xx.xx and 67.137.xx.xx

so what worries me is the fact why is his dns behaving odd

I'm afraid I dont have an explanation for that. However, I would like to know, what exact latency sensitive applications are you running which depend on DNS? The best bet in this case would be to use a DNS service which provides the best results to your most frequently used sites and stick with it.

 

[mehrotra.akash]

Hi,

yes aware of that but from my own residence where i have mtnl dns servers of 59.185.0.50 and 59.185.0.23 i get pings which start with 69.139.xx.xx and 67.137.xx.xx

so what worries me is the fact why is his dns behaving odd

he seems to be using the x.x.0.23 server as primary

Is your primary also the same, or is it .0.50?

Also, were you testing at the same time of the day?

 

[vishalk]

he seems to be using the x.x.0.23 server as primary

Is your primary also the same, or is it .0.50?

Also, were you testing at the same time of the day?

yeah its kinda strange its using 0.23 as primary where as 0.50 is primary, however, what affected is the use of vpn where i am getting lags connecting to my vpn. browsing and torrenting all ok only vpn affected with lags.