DNS for "_ldap._tcp.dc._msdcs.fios-router.home" & "wpad" BLOCKED

glnz · 05 May 2019

On every reboot of my Win 10 Pro 64-bit (version 1803) PC, I get two Warnings in Event Viewer:

"Name resolution for the name _ldap._tcp.dc._msdcs.fios-router.home. timed out after none of the configured DNS servers responded."
and
"Name resolution for the name wpad timed out after none of the configured DNS servers responded."
Both are Event 1014, DNS Client Events.

The first Warning's reference to "fios-router.home" must be to my Quantum G1100 modem-router that was supplied by Verizon for my FIOS 1Gbps service. Also, the DNS name resolution is probably needed for proper functioning of the Quantum G1100's "Active Directory". See item #4 at this link: -THIS LINK ON MSDN-

But I'm not a tech and don't know how to start fixing this.

EDIT - More info - and I certainly need your help:
By experimenting, I have determined that these Warnings occur when I have the service dnscrypt-proxy running at startup. It's a great service that encrypts DNS lookup requests so that nobody - not Verizon and not Google and not man-in-the-middle bad guys -- can see where I am trying to go.

First, there's a superb article on ars techinca that explains everything about dnscrypt-proxy in great detail: How to keep your ISP’s nose out of your browser history with encrypted DNS

Second, you can download and get technical info about Simple DNSCrypt - which helps you install and configure dnscrypt-proxy on a Win machine - from github at github-bitbeans-SimpleDnsCrypt

Third, what should I do to continue using dnscrypt-proxy but let "_ldap._tcp.dc._msdcs.fios-router.home" and "wpad" get the needed DNS/name resolution and so not generate the Warnings I describe above? ◄ This is the important question.

Thanks.

glnz · 06 May 2019

Update - just tried nslookup. It says "Domain: fios-router.home" but then says it can't find that domain.
Here's a link to a screenshot showing that - gif and pdf: < LINK >
Mean anything?

glnz · 08 May 2019

As to the Event 1014 Warning that "Name resolution for the name _ldap._tcp.dc._msdcs.fios-router.home. timed out after none of the configured DNS servers responded.":

I've done some more digging, and the dnscrypt-proxy service I am using to encrypt my DNS lookups and send them only to cloudflare's new 1.1.1.1 has a Forwarding feature, maybe especially for cases like this.

See < THIS PAGE ON GITHUB >

But I would need the precise IP address for where to forward _ldap._tcp.dc._msdcs.fios-router.home. It's probably 192.168.1.1:something, yes? What would the :something be?

Thanks.

glnz · 08 May 2019

Update - trying to follow the wiki link about Forwarding -

(1) I put forwarding-rules.txt into the same folder as dnscrypt-proxy.toml.

(2) I added the line

Code:

forwarding_rules = "forwarding-rules.txt"

(using double-quotes not single quotes) to dnscrypt-proxy.toml right after the line cache_neg_ttl = 60

(3) The only line I put in forwarding-rules.txt is

Code:

fios-router.home 192.168.1.1

Is that correct?

RESULTS - The above didn't work, and on reboots I continue to get the Event 1014 Warning "Name resolution for the name _ldap._tcp.dc._msdcs.fios-router.home. timed out after none of the configured DNS servers responded."

What next?

Cr00zng · 09 May 2019

Run the 'ipconfig /all' and get the DNS server(s)' IP address.

Try using the 'nslookup' with your ISP's DNS server IP, like this:

Code:

 nslookup _ldap._tcp.dc._msdcs.fios-router.home "Your ISP's DNS server IP"

This should bypass DNSCrypt and give you the IP for the URL in question. Alternatively, you could also disable DNSCrypt temporarily.

Get the IP and for "_ldap._tcp.dc._msdcs.fios-router.home" and add it to the "host" file. This may, or may not work.

You could also delay starting up the DNSCrypt service, it might be all that you'd need...

glnz · 15 Aug 2020

This is what I get --

C:\WINDOWS\system32>nslookup _ldap._tcp.dc._msdcs.fios-router.home 192.168.1.1
Server: Fios_Quantum_Gateway.fios-router.home
Address: 192.168.1.1
*** Fios_Quantum_Gateway.fios-router.home can't find _ldap._tcp.dc._msdcs.fios-router.home: Non-existent domain

So still no solution.

glnz · 05 Sep 2020

I am beginning to understand a little better.

As to the the `ldap._tcp.dc._msdcs` event viewer error, my setup is WORKGROUP, not domain. I confirm this by going to Control Panel\All Control Panel Items\System, where "Domain:" does NOT appear but "Workgroup: WORKGROUP" does appear. (I am at home, and I would be astonished if any of my devices thought it was on a domain.)

Can it be that my reboot event viewer error code is because my Win 10 Pro 64-bit is default-designed to look for a domain, and this event viewer error pops up because in fact there is no domain? (But why hasn't anyone else complained?)

As to Web Proxy Auto-Discovery (WPAD) Protocol, since I am running dnscrypt.exe as a service called dnscrypt-proxy (set up via Simple DNSCrypt), that may itself be some type of proxy-based service (for its limited purpose of DNA lookups), and so maybe WPAD is frustrated because there is no other proxy for what happens after?

Could it be that both these event viewer errors show because the dnscrypt-proxy service doesn't start fast enough?

What do you think?

Thanks.