DNS servers and public hotspots - 25% of them fail and solution is hard to find

Question

At about 25% of random wifi hotspots I have no trouble connecting with my phone, but my linux does not connect. I tried everything in this post.

nslookup google.com does not work

➜  ~ nslookup google.com
;; connection timed out; no servers could be reached

I believe that's as far as we need to go in terms of diagnostics, a litmus test but let me know.

I tried many things. IT is not a splash page login issue. My first three instincts are generally navigate to 10.0.0.1 or the respective default gateway ip, change what's in /etc/resolv.conf adding a nameserver and making sure I'm off the VPN. This hotspot does not have a splash page and since nslookup doesn't work I don't think that's relevant. Correct me if I'm wrong.

Here's the kicker. If I tether my phone and use that as a hotspot, it still fails when my phone is connected through the hotspot. nslookup google.com still fails in the same way, but if I go on data, it works. There is clearly something blocking me in the hot spot or some misconfiguration. The only question is whether it's on my end or their end. If it's on my end I can fix it, and if not, there's nothing I can do.

Either way I'd like to know people's theory on this. They wouldn't be overtly prejudice against linux would they, like they view us as threats? I mean we give away what OS we're using in the headers I'm sure, and they could firewall us based on that overtly but I don't imagine them doing that but it seems possible. Then what could it be? I am tearing myself in pieces trying to figure out what could be happening. It's really annoying.

I have tried fiddling with my resolv.conf, flushing the cache, adding configs to the network-manager, etc starting and restarting the network-manager service at every change.

I never failed to ping 8.8.8.8 and get a response.

Whoever solves this or even gives me helpful info will be my hero. I am going to ask people at work about it. Many other people have unanswered questions on this site about it. We only need to know two things - how network configuration works on our local machines and how it works on various public hotspot providers.

I guess if I could get info on the public hotspot in question, would that help?

Answer 1

SOLVED (but not fully understood). Trying to win a deeper understanding for future benefit. See the "WHAT WORKED" section below for the quick answer for my case.

Ok so I got it working- at least at a different hotspot. (I had to leave the cafe because they closed, so I went to whole foods which seemed to have the same issue- nslookup google.com failing, and where I've also had this issue in the past I now recall.

I tried many things not mentioned here. I suppose I could post the last several lines of my bash history. Here they are - it can give you a sense of the things I tried:

 5281  sudo vim /etc/resolv.conf
 5282  cat /etc/resolv.conf
 5283  route -n
 5284  sudo protonvpn d
 5285  sudo open /etc/NetworkManager/NetworkManager.conf
 5286  sudo nano /etc/NetworkManager/NetworkManager.conf
 5287  sudo gedit /etc/NetworkManager/NetworkManager.conf
 5288  service network-manager restart
 5289  sudo gedit /etc/NetworkManager/NetworkManager.conf
 5290  service network-manager restart
 5291  sudo vim /etc/resolv.conf
 5292  sudo networkmanager --print-config
 5293  service network-manager restart
 5294  sudo systemctl restart NetworkManager.service
 5295  sudo dpkg-reconfigure resolveconf
 5296  sudo dpkg-reconfigure resolv\conf
 5297  sudo dpkg-reconfigure resolvconf
 5298  ping 8.8.8.8
 5299  route -n 
 5300  sudo vim /etc/resolv.conf
 5301  service network-manager restart
 5302  sudo vim /etc/resolv.conf
 5303  service network-manager restart
 5304  ping 8.8.8.8
 5305  ping google.com
 5306  route -n 
 5307  nmcli 
 5308  ip route
 5309  ip route | grep default
 5310  sudo vim /etc/resolv.conf
 5311* ip route | grep default
 5312  sudo vim /etc/resolv.conf
 5313  service network-manager restart
 5314  sudo vim /etc/resolv.conf
 5315  sudo systemctl restart systemd-resolved
 5316  sudo systemd-resolve --flush-caches
 5317  ufw
 5318  ufw status
 5319  sudo ufw status
 5320  ping 8.8.8.8
 5321  ip a
 5322  sudo ufw disable
 5323  nslookup example.com
 5324  nslookup google.com
 5325  sudo vim /etc/resolv.conf
 5326  nslookup google.com
 5327  sudo vim /etc/resolv.conf
 5328  nslookup google.com
 5329  service network-manager restart
 5330  nslookup google.com
 5331  nslookup example.com 8.8.8.8
 5332  nslookup google.com 8.8.8.8
 5333  nslookup google.com
 5334  ping 8.8.8.8
 5335  nslookup google.com
 5336  sudo vim /etc/resolv.conf
 5337  nslookup google.com
 5338  hostname
 5339  uname
 5340  nslookup google.com
 5341  pingn 8.8.8.8
 5342  ping 8.8.8.8
 5343  service network-manager restart
 5344  nslookup google.com
 5345  sudo vim /etc/resolv.conf
 5346  nslookup google.com
 5347  service network-manager restart
 5348  nslookup google.com
 5349  nslookup google.com 8.8.8.8
 5350  sudo vim /etc/resolv.conf
 5351  nslookup google.com
 5352  service network-manager restart
 5353  resolvectl status
 5354  nslookup google.com
 5355  sudo systemctl enable systemd-resolved.service
 5356  nslookup google.com
 5357  sudo systemctl start systemd-resolved.service
 5358  nslookup google.com
 5359  sudo vim /etc/dhcp/dhclient.conf
 5360  nslookup google.com
 5361  resolvectl status
 5362  service network-manager restart
 5363  nslookup google.com
 5364  sudo vim /etc/resolv.conf
 5365  lsb_release -a
 5366  sudo vim /etc/netplan/01-network-manager-all.yaml
 5367  sudo systemd-resolve --set-dns=8.8.8.8
 5368  sudo systemd-resolve --set-dns=8.8.8.8 --interface=wlo1
 5369  nslookup google.com
 5370  service network-manager restart
 5371  nslookup google.com
 5372  sudo vim /etc/resolv.conf
 5373  resolvectl status
 5374  pwd
 5375  resolvectl status > resolvectl_status_result
 5376  ls
 5377  sudo systemctl status systemd-resolved.service
 5378  sudo systemctl status systemd-resolved.service > systemctl.status.systemd-resolved.service.result
 5379  sudo systemctl status systemd-resolved.service
 5380  sudo systemctl -w net.ipv6.conf.all.disable_ipv6=1
 5381  sudo systemctl  net.ipv6.conf.all.disable_ipv6=1
 5382  cat /etc/systemd/resolved.conf
 5383  sudo vim /etc/systemd/resolved.conf
 5384  nslookup google.com
 5385  service network-manager restart
 5386  nslookup google.com
 5387  sudo systemctl restart systemd-resolved.service
 5388  nslookup google.com
 5389  sudo vim /etc/sysctl.conf
 5390  service network-manager restart
 5391  nslookup google.com
 5392  route -n 
 5393  history | grep status
 5394  resolvectl status
 5395  systemctl status systemd-resolved.status
 5396  systemctl status systemd-resolved.service
 5397  nmcli general status
 5398  nmcli connection show wl01 
 5399  route -n 
 5400  resolvectl status
 5401  nmcli connection show wl01 
 5402  sudo systemd-resolve --flush-caches
 5403  sudo systemd-resolve --set-dns=8-8-8-8
 5404  sudo systemd-resolve --set-dns=8.8.8.8
 5405  sudo systemd-resolve --set-dns=8.8.8.8 --interface=wl01
 5406  ip a
 5407  sudo systemd-resolve --set-dns=8.8.8.8 --interface=wlo1
 5408  ip a
 5409  nslookup google.com
 5410  history | grep wl01
 5411  nmcli connection show wlo1
 5412  nmcli connection show wl01
 5413  nmcli connection show wlo1
 5414  nmcli connection show
 5415  sudo systemctl status NetworkManager
 5416  nmcli dev show wlo1
 5417  sudo vim /etc/resolv.conf
 5418  nmcli dev show wlo1
 5419  service network-manager restart
 5420  nmcli dev show wlo1
 5421  sudo systemctl status NetworkManager
 5422  sudo systemctl restart NetworkManager
 5423  sudo systemctl status NetworkManager
 5424  sudo dhclient -v -r wlo1
 5425  cat /etc/NetworkManager/system-connections/WholeFoodsMarket-fb046023-ad76-4b55-8ee7-be56cc3d9f37.nmconnection
 5426  sudo cat /etc/NetworkManager/system-connections/WholeFoodsMarket-fb046023-ad76-4b55-8ee7-be56cc3d9f37.nmconnection
 5427  sudo vim /etc/NetworkManager/system-connections/WholeFoodsMarket-fb046023-ad76-4b55-8ee7-be56cc3d9f37.nmconnection
 5428  nmcli dev show wlo1
 5429  service network-manager restart
 5430  nmcli dev show wlo1
 5431  sudo vim /etc/resolv.conf
 5432  nslookup google.com
 5433  nmcli dev show wlo1
 5434  lsb_release -a

Thanks to Chatgpt on my phone for a lot of these ideas but the final fix didn't come from them.

WHAT WORKED: What finally fixed it and fixed it instantly was running nmcli dev show wlo1 (note it is o1 not 01). That gave me the default whole foods DNS (or what I intuited as such), which was 208.67.222.222 as well as the ones I had set and generally use - i.e. 8.8.8.8. I added the whole foods DNS to resolv.conf by going to sudo vim /etc/resolv.conf and finally it liked that. The minute nslookup google.com worked, I was sure it would work on the browser and it did.

So is the hotspot dominating and policing the DNS server used, and dropping any packets that don't conform? That seems to be the case or something like this. I've been struggling with this issue at different locations for a long time. I'm going to a third location that has had this problem tomorrow morning and I can test it.

There are a lot of complex interacting pieces with networking including gateway settings etc. I had to scrape their DNS. I wonder why this works on windows automatically. I am also on Ubuntu 20.04.4 which others have had trouble connecting via DNS over.

Therefore -- In my quest over the last year to solve this issue I know I've messed with a few settings here and there and I might have multiple services or programs managing my interfaces, including NetworkManager. I'm not sure how that all works and whether there are conflicts but things seem to be going fine.

In the past when I had a problem, usually I only ever had to touch resolv.conf but that changed at some point. Well one thing I know - that still seems to be the solution but you manually have to add what seems like the Gateway's preferred DNS, which also doesn't at least under my config seem to automatically resolve since I tried it with all the nameservers commented out. It seems like Whole Food's nameserver has to be explicitly stated there. I'm not sure how it got to that point but that's how it seems.

While it seems like I should in theory be able to have this get used automatically according to my system's configuration, I think the fact that it has to be used exclusively is beyond my control and is a gateway setting. I wonder why that is.

I will be seeking more information as I find myself at new cafes over the coming weeks to confirm and refine my understanding because it's nice to understand what's going on and there's still a lot of fuzziness and blur but maybe if one person with similar struggles at some point can find this and get it to work when nothing else did, that would be great.

EDIT: Even more details I found they're using OpenDNS. IF you have trouble connecting to public wifi on ubuntu, openDNS may be the culprit.

These are the commonly used addresses 208.67.222.222 and 208.67.220.220 of openDNS and they are the same ones used by my public hotspot 2 of 3. I have to check two others that I've had problems connecting to, then I'll be able to know even more or know with greater certainty.

Also a quick way to know or confirm this is the issue is nslookup google.com and if that works, then nslookup google.com 8.8.8.8 and if that fails it seems likely that that is the culprit and it seems like a fast and effective way to do so. OpenDNS appears to be the blocker at least in one of my cases and I just have to konw how to work with it.