So here is the scenario I just had happen a couple of times with my new Gaming Rig; I’ve not seen this behavior from any other computer on my network.
So it appears to happen after about 7 days: one or more web apps start acting up, like getting a Cert Invalid message, and if I press F5 to refresh then I get the Comcast Modem logon dialog box.
I had the NIC set up for DHCP so it would grab the Comcast DNS.
I have since reconfigured my computers onto static IP addresses and using 8.8.8.8 and 1.1.1.1 as the primary and secondary DNS addresses.
I’m hoping this will resolve things but will not know for sure until that 7 days or so passes and see if the computer gets another cert message.
I can fix it by just simply rebooting the computer, but why should I if things are working just fine otherwise?
I recommend running ipconfig /flushdns or the Linux distro equivalent. Doing that along with the DNS changes should resolve the error. I’d also change the DNS on the router/modem admin page if possible.
Thanks for all the feedback, I will look at the DNS changes on both my ASUS router and the Comcast modem device.
Since my computers are now all using static IP addresses and have the DNS pointed to both Google and Cloudflare, I’m hoping this will be enough, but I guess I should also check on the other networking equipment devices too.
@xyz I test out some Linux distros from time to time, but my Steam collection is quickly approaching 18,000 games and I have no intention of switching, well not just yet.
I also play ESO and not sure if that supports emulation via Proton, however it will be something to test.
Endpoint DNS caching sounds heretical. Sounds like a way to negate some protections offered by my firewall. Is there a DHCP server flag or something so that I can FORCE all clients to look up each DNS request to my router/firewall?
It’s for faster lookups. Instead of having to wait on the DNS provider every time you wish to go to a website, let’s say level1techs.com, your PC simply stores the DNS data for quick and easy access.
It will still go through your firewall. DNS mostly provides the name for the IP address it is reaching out to.
To the best of my knowledge, no. You can enforce this client side. I know on Windows you can disable it via registry. Never had to do it for Linux so if you use it, then you’ll need to look up your distro, but should be easy to find. For other devices like Firestick/Roku/etc. you are probably SOL, but you can just set up a local DNS filter like a Pi-hole to have some control.
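An added example, not part of the thread: before running ipconfig /flushdns, the client cache can be checked for the symptom described above by parsing `ipconfig /displaydns` output and flagging public-looking names whose cached A record is an RFC 1918 address. It assumes the modem logon page appears because a hostname was cached with the modem's private address; the sample output, the local-suffix list and the function name are constructed for illustration.

```python
import ipaddress
import re

# RFC 1918 ranges: where a home modem or router admin page normally lives.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: names with these suffixes (or no dot) are expected to be local.
LOCAL_SUFFIXES = (".local", ".lan", ".home.arpa")

NAME_RE = re.compile(r"Record Name[ .]*:\s*(\S+)")
A_RE = re.compile(r"A \(Host\) Record[ .]*:\s*(\S+)")

# Constructed, trimmed sample of `ipconfig /displaydns` output; not from the poster's machine.
SAMPLE = """\
    level1techs.com
    ----------------------------------------
    Record Name . . . . . : level1techs.com
    A (Host) Record . . . : 203.0.113.10

    store.example.com
    ----------------------------------------
    Record Name . . . . . : store.example.com
    A (Host) Record . . . : 10.0.0.1

    router.lan
    ----------------------------------------
    Record Name . . . . . : router.lan
    A (Host) Record . . . : 192.168.1.1
"""

def suspicious_cache_entries(text):
    """Return (name, address) for public-looking names cached with an RFC 1918 address."""
    hits, name = [], None
    for line in text.splitlines():
        if m := NAME_RE.search(line):
            name = m.group(1).lower().rstrip(".")
        elif (m := A_RE.search(line)) and name:
            if "." not in name or name.endswith(LOCAL_SUFFIXES):
                continue  # local name, a private address is expected
            try:
                addr = ipaddress.ip_address(m.group(1))
            except ValueError:
                continue  # not an address, skip the line
            if any(addr in net for net in RFC1918):
                hits.append((name, str(addr)))
    return hits

if __name__ == "__main__":
    for name, addr in suspicious_cache_entries(SAMPLE):
        print(f"{name} -> {addr}: public name cached with a private address")
```

On a real machine, feed it the text saved from `ipconfig /displaydns`; a hit means the bad answer is already in the client cache, so the upstream resolver that supplied it is the thing to fix.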