Originally published 2014.12.03, amended 2014.12.17: Three days after I published the post below and spread it via social media, I got a very friendly personal call on a Saturday afternoon from Swisscom's Head of Home Network, informing me that an internal task force had analysed this particular problem, and asked whether I'd be interested in receive their upgraded firmware v05.01.14/05.01.18/689 image, while it was still running through last internal QA tests. I was indeed interested - and haven't had the problem with DNS relay on the Swisscom box described hereafter ever since. Thank you Swisscom - great customer service! ;-)
Grüezi Swisscom (FYI world, it's the local ISP),
vorburger@yoko:~$ nslookup www.vorburger.ch 195.186.1.162
Server:195.186.1.162
Address:195.186.1.162#53
Non-authoritative answer:
www.vorburger.chcanonical name = vorburger.github.com.
vorburger.github.comcanonical name = github.map.fastly.net.
vorburger@yoko:~$ nslookup www.vorburger.ch 192.168.1.1
;; connection timed out; no servers could be reached
Grüezi Swisscom (FYI world, it's the local ISP),
Merci vielmool for your new fiber optic internet connection. Residential 1 GB sounds cool - although the price you're asking for probably isn't worth it today for most people, but that's not the point of this post (if you'd like me to beta test the top speed for you and provide feedback, feel free to give me a free upgrade).
I'm afraid however that your proprietary router, the very stylishly designed "Swisscom Box" (Swisscom branded, but seems to actually be produced in partnership with Siligence, SoftAthome and vestiacom) is a lot less cool - it breaks down regularly, roughly every 48h for me! :-( [Firmware v05.01.12/05.01.18/689]
Luckily for you I've been able to debug the issue and diagnose the underlying software bug for you. We note that you have made every effort to dumb the box down, surely to be "consumer friendly", which in principle is laudable, but in practice you might have gone a bit too far here? Not offering, even in Expert mode for advanced users ANY way to see any internal logs (I'm not even asking for a syslogd; we're talking basic just SEEING log..) is... really quite ridiculous? As is not allowing to set a custom DNS server on the built-in DHCP server.
The bug is that your internal DNS (cache) server daemon process which you run on what is surely to be some sort of embedded Linux appears to very regularly crash, or get blocked (non responding). You see, when my family says that "the Internet is down AGAIN, bloody Linux all over the house" what they actually mean is that while your Swisscom Box router IS up, and I CAN access its web interface, and you guys most likely cannot diagnose anything wrong from your end through remote analysis, and I can reach any IP outside, if I nslookup any DNS name not previously cached on the requesting host then your pretty little box often simply does not answer. If I directly ask your public DNS server, then it works. Hope you agree that this fairly clearly pinpoints the problem - see the commands below.
Please do kindly fix this at your earliest convenience - yesterday kind of time frame would be nice. Should you need any assistance, give me a ring we can further pair debug this with a less locked down custom firmware image you may kindly provide.
Your sincerely,
M. - a loyal customer who would like to stay with you if you fix this (and who will switch otherwise)vorburger@yoko:~$ nslookup www.vorburger.ch 195.186.1.162
Server:195.186.1.162
Address:195.186.1.162#53
Non-authoritative answer:
www.vorburger.chcanonical name = vorburger.github.com.
vorburger.github.comcanonical name = github.map.fastly.net.
vorburger@yoko:~$ nslookup www.vorburger.ch 192.168.1.1
;; connection timed out; no servers could be reached
vorburger@yoko:~$ nslookup www.swisscom.ch 195.186.1.162
Server:195.186.1.162
Address:195.186.1.162#53
Non-authoritative answer:
Name:www.swisscom.ch
Address: 193.222.73.227
vorburger@yoko:~$ wget http://www.swisscom.ch/de/privatkunden.html
^C (No response)
vorburger@yoko:~$ wget http://193.222.73.227/de/privatkunden.html
vorburger@yoko:~$ wget http://193.222.73.227/de/privatkunden.html
--2014-11-30 19:42:20-- http://193.222.73.227/de/privatkunden.html
Connecting to 193.222.73.227:80... connected.
HTTP request sent, awaiting response... 200 OK
Cookie coming from 193.222.73.227 attempted to set domain to 73.227
Length: unspecified [text/html]
Saving to: ‘privatkunden.html’
[ <=> ] 55,072 --.-K/s in 0.03s
2014-11-30 19:42:20 (1.74 MB/s) - ‘privatkunden.html’ saved [55072]