Intermittant/Daily DNS Issue with Fusion/AT&T Service

Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
6 posts Page 1 of 1
by jmiao » Tue Mar 28, 2023 11:25 am
Hi, I've been having a strange issue that Sonic has not been able to resolve, so maybe someone here has insight or a suggestion.

Background
  • Been a Sonic Fusion customer for over 10 years
  • Roughly 10 weeks ago, my line was cut. AT&T came out and repaired it by using a previously unlit line.
  • Since that repair, about 1-2 times a day, I would lose all ability to resolve DNS
  • BGW210-700 modem (so cannot set DNS directly on this model of modem)
Why do I suspect DNS issues?
  • Cannot resolve any hostname.
  • Can see other devices on my network.
  • During an outage, I cannot establish a new VPN connection, either to my office, any 3rd party VPN, or even Sonic VPN.
  • During an outage,any previously-established VPN connections, work just fine. Able to resolve hostnames on the VPN connection.
  • I setup a PC such that one browser is shunted through VPN while another browser is not. The browser that is shunted through VPN can browse the web while the browser that isn't cannot.
  • Similar behavior on all devices, including PCs using ethernet, PCs using wifi, and mobile devices. Tested on Windows 11, Mac OS Ventura, iOS 16, and Linux kernel 4.19.97.
  • Connection line is from AT&T and they are known to poison/hijack DNS.
What has Sonic tried?
  • Replaced the modem. Did not improve things.
What has AT&T tried?
  • Technician "changed some modem settings". Did not tell me what settings were changed. Did not improve things. Did however verify that my modem is using the correct firmware.

What Does a Traceroute Look Like During an Outage?

Code: Select all

Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  x.attlocal.net [X.X.1.1]
  2     1 ms    <1 ms    <1 ms  X.X.1.254
  3     *        *        *     Request timed out.
  4     *        *       18 ms  71.148.148.25
  5     *        *        *     Request timed out.
  6     *        *       18 ms  32.130.26.233
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10     *        *        *     Request timed out.
 11     *        *        *     Request timed out.
 12     *        *        *     Request timed out.
 13     *        *        *     Request timed out.
 14     *        *        *     Request timed out.
 15     *        *        *     Request timed out.
 16     *        *        *     Request timed out.
 17     *        *        *     Request timed out.
 18     *        *        *     Request timed out.

What Does a Traceroute Look Like During Normal Conditions?

Code: Select all

Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  X.attlocal.net [X.X.1.1]
  2     1 ms     1 ms    <1 ms  X.X.1.254
  3    17 ms    17 ms    17 ms  X-X-120-1.lightspeed.X.sbcglobal.net [X.X.120.1]
  4    18 ms    18 ms    17 ms  71.148.148.25
  5     *        *        *     Request timed out.
  6    19 ms    18 ms    19 ms  32.130.26.233
  7    22 ms    22 ms    22 ms  12.255.10.244
  8    20 ms    20 ms    20 ms  108.170.237.59
  9    21 ms    20 ms    22 ms  142.251.67.63
 10    21 ms    21 ms    21 ms  dns.google [8.8.8.8]

What does a ping look like during an outage?

Code: Select all

Pinging 8.8.8.8 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
What does a ping look like during normal conditions?

Code: Select all

Pinging 8.8.8.8 with 32 bytes of data:
Reply from 8.8.8.8: bytes=32 time=22ms TTL=115
Reply from 8.8.8.8: bytes=32 time=21ms TTL=115
Reply from 8.8.8.8: bytes=32 time=21ms TTL=115
Reply from 8.8.8.8: bytes=32 time=22ms TTL=115

Ping statistics for 8.8.8.8:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 21ms, Maximum = 22ms, Average = 21ms
by ngufra » Tue Mar 28, 2023 1:55 pm
You stated it's a DNS issue but icmp to 8.8.8.8 does not work either during outage.

How long are each outages and when do they happen?
Can you use e.g. Internet Connection Monitor chrome extension https://chrome.google.com/webstore/deta ... dfmjjoakfo to be able to get some numbers ?
It will probably help troubleshooting.
by aaazen » Fri Apr 28, 2023 8:04 am
My Fusion/AT&T has what appear to be intermittant DNS issues, but I suspect it may actually be BGP spuffing/hijacking.

This might explain your symptoms where it is not just DNS that is the problem.

I periodically see some politically "objectionable" websites hijacked to other locations.
by aaazen » Fri Apr 28, 2023 6:15 pm
Here is an article about BGP spoofing:

BGP spoofing - why nothing on the internet is actually secure
by rulystafzil » Mon May 15, 2023 2:53 pm
Have you heard anything further from Sonic/AT&T regarding this issue?

I also have Fusion/AT&T service and have the same symptoms. When not on VPN my connection will die, nothing resolves, but it's usually back up in seconds. Just long enough to disrupt whatever you were doing.

I just stay on VPN to avoid the problem but would like to figure out what's wrong.
by mgoldburg » Mon May 15, 2023 4:30 pm
We're on ATT Fiber and had identical symptoms to rulystafzil's last summer, somewhat different from those in the OP. Without a VPN running, connectivity to certain Internet sites was broken while others worked perfectly. With a VPN running (Cloudflare WARP) connections to anywhere on the Internet were stable.

The problem turned out to be an upstream ATT router (bad routes and/or ports). The VPN solution worked because (a) Cloudflare's VPN server was still reliably accesible from our house and (b) our traffic was being passed to the Internet-at-large by Cloudflare at its end of the VPN rather than by ATT. Ultimately, it took a call from one of our neighbors to ATT's VIP support line to get the issue resolved. The regular ATT support line, which isn't available to Sonic customers anyways, was suggesting that folks reset their modems, replace their modems, etc.

Anyways, I'd recommend checking with any neighbors who also have ATT fiber from ATT to see if they're experiencing issues. If they are, get as many of them as you can to call ATT.
6 posts Page 1 of 1

Who is online

In total there are 32 users online :: 2 registered, 0 hidden and 30 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: Ahrefs [Bot], Google [Bot] and 30 guests