Warning on every reboot that mentions "fios-router.home" - how to fix?

Are you configured to use then FiOS router as your DNS server?

If so, its possible that it can't use encryption.

And really no need for encryption if using a local router as it would just be to the next hop router.

And if hard coded to an external DNS, not sure how windows would know about FiOS router.

CRob - You wrote:

1. Are you configured to use the FiOS router as your DNS server?
   Not as far as I know.  If I understand dnscrypt-proxy correctly, DNS lookups are done via local host (at ::1 in my case) or an encrypted DNS call-out to my designated resolver, which is cloudflare at 1.1.1.1.  The FIOS router is providing DHCP, but I actually have a static LAN IP address for this PC.  But I could be wrong.  What do you think?
2. If so, its possible that it can't use encryption.
   Well, that's interesting.  Just recently, Verizon has required use of a self-signed certificate for anything on my LAN side to access the Quantum G1100 at 192.168.1.1.  Do you think that is now interfering with these two connections in my Warnings?
3. And really no need for encryption if using a local router as it would just be to the next hop router.
   Same point.  Unless I'm just not understanding the new required self-signed certificate on the LAN side.
4. And if hard coded to an external DNS, not sure how windows would know about FiOS router.
   I was thinking about that.  Why is my PC sending this thing that ends with fios-router.home anyway?  How does my PC know about the Quantum G1100?  Or maybe I have it backwards and the "fios-router.home" is coming from the Quantum G1100 and getting tangled up somehow.

CRob - I actually know nothing about this DNS and router-PC connection stuff, and I'm probably not understanding your questions.  Could you reply again with a "DNS connections with Quantum G1100 for Dummies" version?

Thanks.

1) Check your PC to see how you configured the static address. It is two sections. One for IP and other for DNS. Make sure that DNS is turned off. I am not familiar with the service you are using so I can't say for sure how it overides other DNS. You can also open a cmd window and run ipconfig command. See if there is a DNS domain name.

2) To the best of my knowledge, the certificate was just to use encryption for login purposes. I have no idea if they also support encrypted DNS.

3) See #2.

4) See #1

I know how DNS works via DHCP or a hard coded DNS server.

As stated I am not familiar with the service you are trying to use.

You may need to go to their support to better understand how their service interacts with that provided by an ISP router. Its possible that you do not have it implemented 100% correctly.

Update - just tried nslookup. It says "Domain: fios-router.home" but then says it can't find that domain.
Here's a link to a screenshot showing that - gif and pdf: < LINK >
Mean anything?

---

@glnz2 wrote:

Update - just tried nslookup. It says "Domain: fios-router.home" but then says it can't find that domain.
Here's a link to a screenshot showing that - gif and pdf: < LINK >
Mean anything?

---

It showing your own “home network” that is the way it’s supposed to be.

if you do a tracert to say google or verizon the first hop is your own router (home)

fios is your service so it shows that first.

there is nothing wrong with your setup.

like i said you may want to post the issue at http://www.dslreports.com under the fios forum. 

CRob and jonjones --

First, thanks for your patience.  I realize you are very tech savvy, and I'm not.  On the other hand, one learns by doing, and if I hadn;t started asking questions in Forums like these in 2004 when we first got DSL, I would never have been able to set up FIOS at home.

Anyway, as to the Event 1014 Warning that  "Name resolution for the name _ldap._tcp.dc._msdcs.fios-router.home. timed out after none of the configured DNS servers responded.":

I've done some more digging, and the dnscrypt-proxy service I am using to encrypt my DNS lookups and send them only to cloudflare's new 1.1.1.1 has a Forwarding feature, maybe expecially for cases like this.

See  < THIS PAGE ON GITHUB >

But I would need the precise IP address for where to forward _ldap._tcp.dc._msdcs.fios-router.home.  It's probably 192.168.1.1:something, yes?  What would the :something be?

Hi glnz2,

Are you having actual networking or PC performance issues related to this, or is it just a warning entry you are seeing in Windows Event Viewer without any noticeable adverse effects?  Windows Event Viewer always contains many error and warning entries.  This is normal.  Generally these are not anything a user needs to worry about or diagnose unless they are causing a problem.  Windows logs these but in almost all cases works around them on its own.

Lawrence - As far as I can tell, most things are OK.

However, I have a few other issues on my WIn 10 PC, and I think there may be some connections with this.

Anyway, I think my last question about the   :something   is a fair one, for those of us who are being a little extra secure.

Could you forward this to your favorite Verizon tech and ask?

Thanks.

---

@glnz2 wrote:

Update - trying to follow the wiki link about Forwarding -
(1) I put forwarding-rules.txt into the same folder as dnscrypt-proxy.toml.
(2) I added the line

forwarding_rules = "forwarding-rules.txt"

(using double-quotes not single quotes) to dnscrypt-proxy.toml right after the line cache_neg_ttl = 60
(3) The only line I put in forwarding-rules.txt is

fios-router.home 192.168.1.1

Is that correct?

RESULTS - The above didn't work, and on reboots I continue to get the Event 1014 Warning "Name resolution for the name _ldap._tcp.dc._msdcs.fios-router.home. timed out after none of the configured DNS servers responded."

What next?

---

‘fios-router.home’ is a DNS Suffix. This router does not handle LDAP related actions. If your system is set up to access a domain controller or more simply have your system set up to use Active Directory you might get those errors.

It has no impact on your ability to access the internet.

Seeker - Thanks for your post, and your post is infomrative, but it is not a solution.

I think this new issue - didn't have it before - should be truly fixed before we acknolwedge a solution.

Seeker - I shall look at your post above more carefully this weekend.  (I did not get an email from this Forum that you had posted last week!!)

But, on fast read, my home PC has always been Workgroup, never Domain.

And "_ldap._tcp.dc._msdcs" is not familiar to me - it's not the name of my PC and there is no User name like this.

You should also know that I also get the same Warning for "Name resolution for the name wpad timed out after none of the configured DNS servers responded."

Here is a breakdown if the `ldap._tcp.dc._msdcs` string.

It's a dns entry used to try and automatically configure a computer to a domain controller without having to manually configure it.

ldap

https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol

tcp because LDAP runs over TCP/IP

DC = Domain Controller

MSDCS = Microsoft Domain Controller Services

Tring to connect to a Lightweight Directory Access Protocol service using TCP.

This is a Domain Controller, and should be configured using the Microsoft Domain Controller Services.

Regarding WPAD

https://en.wikipedia.org/wiki/Web_Proxy_Auto-Discovery_Protocol

Seeker - thanks for your fast reply and continued interest.  I am learning from your posts.

However, there is an anomaly.  This PC dual-boots this Win 10 Pro 64-bit (version 1803) and Win 7 Pro 64-bit.  The Win 7 has the same dnscrypt-proxy setup. 

When I boot into the Win 7, these Warnings do NOT appear.

What's the difference?

Also - and again I have not yet studied your post three above - what should I do specifically to fix the issue on my Win 10?

By the way, I very much want to stick with dnscrypt-proxy.  For example, I get good security scores on https://www.cloudflare.com/ssl/encrypted-sni/

Thanks.

Seeker - hope you're still out there.  Please re-read this thread.

I am beginning to understand a little better.

As to the the `ldap._tcp.dc._msdcs` event viewer error, my setup is WORKGROUP, not domain.

I confirm this by going to Control Panel\All Control Panel Items\System, where "Domain:" does NOT appear but "Workgroup: WORKGROUP" does appear.  (I am at home, and I would be astonished if any of my devices thought it was on a domain.)

Can it be that my reboot event viewer error code is because my Win 10 Pro 64-bit is default-designed to look for a domain, and this event viewer error pops up because in fact there is no domain?  (But why hasn't anyone else complained?)

As to Web Proxy Auto-Discovery (WPAD) Protocol, since I am running dnscrypt.exe as a service called dnscrypt-proxy (set up via Simple DNSCrypt), that may itself be some type of proxy-based service (for its limited purpose of DNA lookups), and so maybe WPAD is frustrated because there is no other proxy for what happens after?

Could it be that both these event viewer errors show because the dnscrypt-p[roxy service doesn't start fast enough?

What do you think?

Thanks.

Six months later, I moved my Win 10 Pro 64-bit machine (now version 2004) temporarily to a different place, and it is connected to Spectrum cable, not Verizon FIOS.

On one reboot. I got a similar Event 1014 Warning that says "Name resolution for the name _ldap._tcp.dc._msdcs.nyc.rr.com. timed out after none of the configured DNS servers responded."  (FYI - "nyc.rr.com" is Spectrum, formerly Roadrunner.)

So, it's the same Warning on reboot for a different ISP and different modem.

BUT WHAT IS IT, WHAT DOES IT MEAN, AND WHAT IS THE FIX?

Thanks.

Ok. So, none of the DNS server you configured can resolve this address. Do you know a DNS server that can resolve this name? If so, just swap in that DNS server's IP address.