@RickyBaker
Same thoughts here : a high level of log details actually the details you're looking for, as there is only 2 minutes' worth of info.
If you have some disk space left, you can make the log files bigger.
If needed, you can make the log retention a bit smaller - I've "7", you can make it 5 or 4.
You can also make this one [screenshot] a bit bigger.
The actual goal is :
As soon as you find a situation where a device has no access anymore, you have to check :
Does access without using DNS work ? For example, ping 8.8.8.8 from that device.
Also double check : does the device have a valid IP, gateway and DNS set at that moment ?
Example :
ipconfig /all
and check the duration of the lease, the gateway, the DNS (both should point to the IP of pfSense).
Check on the device if "DNS" works :
C:\Users\Gauche>nslookup www.google.com
Serveur : pfSense.bhf.tld
Address: 2a01:cb19:907:bedf:92ec:77ff:fe29:392c
Réponse ne faisant pas autorité :
Nom : www.google.com
Addresses: 2a00:1450:4007:81a::2004
142.250.201.164
Take note : for me, both IPv6 and IPv4 work.
Then (also) check on pfSense if resolving works :
dig @127.0.0.1 www.google.com +short
and then
dig @192.168.1.1 www.google.com +short
where 192.168.1.1 is your LAN interface.
Check if unbound is up and running :
[24.03-RELEASE][root@pfSense.bhf.tld]/root: ps ax | grep 'unbound'
74113 - Ss 4:32.60 /usr/local/sbin/unbound -c /var/unbound/unbound.conf
....
....
and
[24.03-RELEASE][root@pfSense.bhf.tld]/root: sockstat | grep 'unbound'
unbound unbound 74113 3 udp6 *:53 *:*
unbound unbound 74113 4 tcp6 *:53 *:*
unbound unbound 74113 5 udp4 *:53 *:*
unbound unbound 74113 6 tcp4 *:53 *:*
unbound unbound 74113 9 tcp4 127.0.0.1:953 *:*
...
...
...
...
With the unbound log details set to "1", it will still contain the number of restarts (a controlled stop and then a start) :
grep "stopped" /var/log/resolver.log
.....
<30>1 2024-05-06T00:15:24.852356+02:00 pfSense.bhf.tld unbound 12814 - - [12814:0] info: service stopped (unbound 1.19.3).
Btw : the actual unbound version is 1.19.3 as I'm using 24.03.
pfSense 2.8.0 will be coming out soon.
Not that the version really matters (imho) as I was using 1.17.x also a long time, and don't recall having any issues.
@RickyBaker said in DNS_PROBE_FINISHED_NXDOMAIN sporadically for anywhere from 30secs to 10min. works flawlessly at all other times:
Is it possible the problem is purely something with the wifi and Ubiquiti?
For me, an AP should be what it should do : being a radio to wire signal converter.
True, an AP can do a lot more, and really breaking the connection for you.
When testing connectivity issues, add APs and other gadgets later on, when you know the wired connection works well.
The same thing goes for L3 'smart, VLAN based' switches : only use them when the bare-bones network works well.
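The restart check on /var/log/resolver.log from the post, taken one step further as an added example (not part of the original post): it pairs each "service stopped" line with the next "start of service" line and prints the gap, so the windows can be compared with the times a device lost DNS. It assumes unbound logs "start of service" after each controlled stop in the same file; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Print "stop_time start_time gap_seconds" for every unbound restart in a
# resolver log. Reads the file given as $1, or stdin when no file is given.
# Assumes the syslog layout shown in the post (field 2 is an ISO 8601
# timestamp) and that a stop and its following start are under 24 h apart.
unbound_restarts() {
    awk '
    function tod(ts,    t) {          # seconds since midnight of a timestamp
        split(substr(ts, 12, 8), t, ":")
        return t[1] * 3600 + t[2] * 60 + t[3]
    }
    /info: service stopped \(unbound/ {
        # two stops in a row: the start line was rotated away or never logged
        if (stop != "") print stop, "-", "no-start-logged"
        stop = $2
        next
    }
    /info: start of service \(unbound/ && stop != "" {
        gap = tod($2) - tod(stop)
        if (gap < 0) gap += 86400     # restart crossed midnight
        printf "%s %s %d\n", stop, $2, gap
        stop = ""
    }
    END { if (stop != "") print stop, "-", "no-start-logged" }
    ' "${1:--}"
}

# Constructed sample lines, modelled on the log line quoted in the post.
sample_log() {
    cat <<'EOF'
<30>1 2024-05-06T00:15:24.852356+02:00 pfSense.example.test unbound 12814 - - [12814:0] info: service stopped (unbound 1.19.3).
<30>1 2024-05-06T00:15:27.101200+02:00 pfSense.example.test unbound 40211 - - [40211:0] info: start of service (unbound 1.19.3).
<30>1 2024-05-06T23:59:58.000000+02:00 pfSense.example.test unbound 40211 - - [40211:0] info: service stopped (unbound 1.19.3).
<30>1 2024-05-07T00:00:03.500000+02:00 pfSense.example.test unbound 51877 - - [51877:0] info: start of service (unbound 1.19.3).
<30>1 2024-05-07T09:30:00.000000+02:00 pfSense.example.test unbound 51877 - - [51877:0] info: service stopped (unbound 1.19.3).
EOF
}

# Demo on the constructed sample; on pfSense: unbound_restarts /var/log/resolver.log
sample_log | unbound_restarts
```

A stop with no matching start is reported as "no-start-logged", which is the case to look at first when clients lose resolution for minutes rather than seconds.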