If you are an Avira AntiVir user like me and have noticed for the last year or so auto-update fails regularly, you are likely an OpenDNS user like me as well.
This drove me crazy for about a year; seeing the update fail with this same cryptic error message over and over again:
11:16:07 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() ‘http://personal.avira-update.com/update/idx/master.idx’ failed. Error: The server name or address could not be resolved
My understanding of the error message was that the master update server over at Avira was constantly down and unresolvable, but as it turns out, it was just an issue with the DNS provider I was using (OpenDNS) how Avira uses DNS by returning UDP packets larger than 512 bytes (too many IP addresses for a single DNS entry) which requires that your router fallback to TCP to process the request. Unfortunately many consumer-level routers do not support TCP fallback, so the update fails.
As it turns out, OpenDNS doesn’t support TCP fallback which apparently the Avira AntiVir self-updater likes to have available for auto update to work; most of the time.
CORRECTION: As Mike pointed out below, this isn’t the case. Here is his correction
The issue is not that OpenDNS does not support TCP fallback, it is that most peoples routers don’t support DNS over TCP. Avira could fix this by reducing the number of addresses they return in the DNS packet (it is obscenely large to the point of being broken).
The fix fortunately is very easy, you have to modify your hosts file (on Linux this is usually under /etc/hosts, on Windows it’s under \Windows\System32\drivers\etc) and you will want to add the following entries to the file manually:
UPDATE #1: My updates were still failing regularly after using the DNS list provided by Avira support, fortunately rotblitz in the OpenDNS forums provided a modified list that seems to have done the trick, you will want to use these 3 entries in your hosts file instead of the prior list below:
62.146.66.187 personal.avira-update.com personal.avira-cdn.com 80.190.143.232 personal.avira-update.net 80.190.143.229 perspeak.avira-update.com
NOTE: Below is the original hosts file list of update servers. Please use the one above, I am just leaving this list here for reference in case you need it for testing or comparison (or maybe it worked for you?).
62.146.66.181 dl1.avgate.net 62.146.66.182 dl2.avgate.net 62.146.66.183 dl3.avgate.net 62.146.66.184 dl4.avgate.net 80.190.143.235 dl5.avgate.net 80.190.143.236 dl6.avgate.net 62.146.66.178 dl7.avgate.net 62.146.66.179 dl8.avgate.net 80.190.143.239 dl9.avgate.net 80.190.143.230 dl10.avgate.net
After that change you should be able to re-run the auto updater and the update will work.
Hope that helps keep some folks more sane than it did for me this last year.
Update #2: Reader Gerard made a point that if you aren’t seeing these changes help immediately, you might want to restart the Windows service “DNS Client” from the Services UI:
I’m puzzled by your blog post about Avira and OpenDNS? I’ve been a user of both for over 5 years and I have never had an Avira update fail in the way you describe? I don’t get why you are having this problem? (I’m a Network Professional) It must be something else about your network environment. I can understand why the hosts entries “fixed” it for you but there’s something else going on there…
Colin, I have no idea why the problem was occurring either — but it did start happening after I configured my router to start using OpenDNS (About a year ago) and I never put the two together until I ran across the Avira / OpenDNS support case with the workaround provided by an OpenDNS support tech for one of the Avira users.
I got the full list of DNS entries from the Avira employee post, so this can’t be the first time they’ve dealt with this problem in some capacity or another.
I would point out that it seems to fail 9 times out of 10 for me *without* that fix, and only works consistently with the fix. I don’t know if the issue is with OpenDNS or with how Avira is using it’s update server’s DNS entries?
You would know better than me on that one. I’m just happy the stupid thing updates again.
Hi Riyad, then I remain puzzled… I’ve just checked back through the report logs on 4 of my machines here (they all run off the router that is configured for OpenDNS) for the last month (370 update entries) and there is not one failed update entry in any of them… :-S
The issue is not that OpenDNS does not support TCP fallback, it is that most peoples routers don’t support DNS over TCP. Avira could fix this by reducing the number of addresses they return in the DNS packet (it is obscenely large to the point of being broken).
Would you mind correcting your article? It gives the false impression that OpenDNS is at fault.
Sorry to reply to myself… for the record OpenDNS supports TCP just fine. You can confirm this with (on Linux): dig +short +tcp thebuzzmedia.com. @208.67.222.222
Mike, of course! (slaps head) That would explain it exactly and of course I’m not using your average high street router (Draytek) which is why mine is ok… (and I just had a look at their return DNS packet and you’re right! THAT =is= broken!) Colin
Mike,
The correction is very much appreciated and the article has been revised to more clearly state what is going on here.
Colin,
Do you have a router model # for the folks that might be interested in it?
Sure. It’s a Draytek Vigor 2820Vn and although it’s close to the £200 mark, I would recommend it to anyone who wants a more robust, professional router solution. This particular model has two VoIP ports that you can plug standard PSTN phones into also (comes with introductory services).
Colin thanks for the info – I linked it incase anyone wants to buy one. I haven’t heard of the Draytek brand before here in the states, but I’m sufficiently unhappy with anything NETGEAR and Linksys is sort of “meh” for me, so any new recommended brand I’m happy to try.
Thanks, that solved it for me straight away. Possibly could be an idea to mention that a restart of the service “DNS Client” might be neede.d
Gerard,
Excellent! I’m glad it helped. That’s a good point about DNS Client service, I’ll add an update to the article with credits.
Thx.
Thank you so much for this! As soon as I modified the host file, everything immediately started working again. I was getting quite tired of doing manual updates. Someone should forward this on to Avira support I think.
Great work.
Roobix, Glad we could help. I know that pain very well (needing to do manual updates).