• Adding Custom Configuration in Kea DHCP Server with pfSense+ 25.03

    Pinned
    26
    4 Votes
    26 Posts
    10k Views
    G
    @Gertjan Thank you brother. All your suggestions worked great. I joined the forums just to tell you so.
  • HEADS UP: Be aware of Trusted Recursive Resolver (TRR) in Firefox

    Pinned
    85
    17 Votes
    85 Posts
    57k Views
    kiokomanK
    @Bob-Dig idk it's not my phone, if it's "Private DNS" settings then it was probably on by default, my family does not know what dot / doh is @johnpoz exactly
  • Dynamic DNS - Azure (22.01-RELEASE (arm))

    22.01 azure ddns netgate-sg-3100
    5
    0 Votes
    5 Posts
    1k Views
    M
    @cemyl95 Funnily enough, I came to the same conclusion just this weekend :)
  • DDNS can not figure out my WAN IP Address

    ddns cloudflare comcast
    1
    2
    0 Votes
    1 Posts
    9 Views
    No one has replied
  • ISC vs KEA - KEA always wrong

    14
    4
    0 Votes
    14 Posts
    397 Views
    V
    @Gertjan said in ISC vs KEA - KEA always wrong: @Vollans said in ISC vs KEA - KEA always wrong: Solar upgrade Not the hardware Just the firmware. That happens on a regular basis automatically. Afaik, kea does a network network broadcast for "who has 10.0.1.2") first and no device should answer. Apparently, someone answered. What about an ARP packet capture to see who answers ? The Solaredge inverter…
  • Unbound issue when set in resolving mode (pfSense Plus - crashing?)

    1
    0 Votes
    1 Posts
    26 Views
    No one has replied
  • 0 Votes
    11 Posts
    79 Views
    J
    Wow! Yall have been most helpful. Thanks!
  • Unbound Does Not Check Operating System Trust Store for DNS Over TLS

    10
    0 Votes
    10 Posts
    151 Views
    F
  • DNS Domain override not working

    8
    0 Votes
    8 Posts
    576 Views
    I
    @patient0 thank you for pointing me to the right direction for troubleshooting as a side note it seems that I am able to keep System Domain Local Zone Type: static by marking the specific domain as transparent in the DNS Resolver Custom options via server: local-zone: "m.internal.domain.com." transparent it seems working so far
  • DNS stops responding to queries

    7
    0 Votes
    7 Posts
    2k Views
    A
    @EngineerSB do you have such entries in the system log? kernel sonewconn: pcb 0xfffff803cd9fb540 (**IP**:53 (proto 6)): Listen queue overflow: 193 already in queue awaiting acceptance (267 occurrences), euid 0, rgid 0, jail 0 kernel sonewconn: pcb 0xfffff803cd9fb540 (**IP**:53 (proto 6)): Listen queue overflow: 193 already in queue awaiting acceptance (179 occurrences), euid 0, rgid 0, jail 0 ...
  • This topic is deleted!

    1
    0 Votes
    1 Posts
    33 Views
    No one has replied
  • Kea DHCPv6 and clients with unstable IAID

    3
    0 Votes
    3 Posts
    677 Views
    R
    @Gertjan said in Kea DHCPv6 and clients with unstable IAID: @rolfl said in Kea DHCPv6 and clients with unstable IAID: by adding /usr/local/lib/libdhcp_flex_id.so to ... wouldn't that be : /usr/local/lib/kea/hooks/ for pfSense ? I found some kea libraries there. Correct, I must have been copying from a google search. Regardless, the file isn't there. If you could find a pre-built "libdhcp_flex_id.so" (built against FreeBSD 15.x - light up a candle, and copy it in place) it might just work. PfSense is using Kea 2.6.2. Apparently pre 3.0 Kea had this library as a premium feature and requires a token to enable it. Btw : just to be sure : these devices use Wifi, right ? So it could be the wifi that 'breaks' every 10 minutes, so a DHCP initial 'boot' request will get emitted every time ? That still doesn't explain why the IAID is randomized like that. I have checked unifi logs for the devices and there is no evidence of disconnect/connect behavior for wifi. If this isn't the case, why not mentioning the device by type, serial number, brand etc ? So we will all know what device not to choose at any cost, as it is known that every constructor out there wants to break IPv6, and some of them are doing a great job. I did mention that the brand was TAPO / TP-link, particularly the matter compatible wifi light switches. The model numbers are: S505, S505D, S515, P125M.
  • Serving different WPADs per subnet with Unbound

    host overrides unbound wpad
    11
    0 Votes
    11 Posts
    1k Views
    GertjanG
    @JonathanLee said in Serving different WPADs per subnet with Unbound: for Netflix not liking the HE ipv6 tunnel That was also solved with the help of pfBlockerng : [image: 1758778353680-eca53c7f-080b-4bc2-ab1a-cf4abc9e9f38-image.png] and enter all the domain names you don't want to be resolved as AAAA, only A. In my he.net days, this worked very well.
  • Why not a CNAME?

    8
    0 Votes
    8 Posts
    1k Views
    tinfoilmattT
    @johnpoz said in Why not a CNAME?: But I am not aware of anyway to dynamically change what fqdn a cname record points to other than via a API into the dns.. Or maybe you could script something with unbound-control. Agreed.
  • DDNS to Cloudflare

    3
    0 Votes
    3 Posts
    1k Views
    E
    @WN1X I'm on community. 2.8.0-RELEASE It was released in May.
  • 0 Votes
    2 Posts
    2k Views
    empbillyE
    Hello, Has anyone else encountered similar problems?
  • 0 Votes
    4 Posts
    2k Views
    C
    @Gertjan said in There was an error trying to determine the public IP for interface - wan (mvneta0 ). DDNS not working..: dig @127.0.0.1 checkip.dyndns.org +short Thanks for having a look! I have removed those wan-rules now. And here are some outputs: [image: 1758183115943-screenshot-from-2025-09-18-10-10-43.png] [image: 1758183115960-screenshot-from-2025-09-18-10-10-22.png] And: "That's a script I wrote years ago. Totally forgot about it. That web site and host name is 'mine' " you are a god!
  • Confused about DNS setup

    21
    3
    0 Votes
    21 Posts
    3k Views
    G
    @Gertjan That works perfectly thank you so much! Enabling DNS Query Forwarding seems to be the correct setting for us. I think what was throwing us off was the wording "or those obtained by dynamic interfaces such as DHCP". Obviously we can't have that. However the qualification "if DNS server override is enabled there", which it is not, so that just didn't apply. [image: 1758142364307-045a144c-7f19-4446-bea3-d346a86e5919-image.png] Now if I have a DNS address specified it works, and if that server is unreachable for any reason it doesn't. That is what I want. Again thank you so much. I can now move on to step 2 +++ ;) We will take further steps to deal with DoT and DoH as you and others have mentioned.
  • After restart, Unbound DNS Resolver don't work

    13
    6
    0 Votes
    13 Posts
    3k Views
    C
    @Luca-De-Andreis said in After restart, Unbound DNS Resolver don't work: @Unoptanio Yes, its true. Setting ALL:ALL the DNS works correctly from system restart without manually restart daemon (after reboot) ! I've just tried now. Wow, just tried this too and after years of dealing with it - it's fixed. Thank you!
  • DNS Issues After Upgrading to 25.07

    23
    0 Votes
    23 Posts
    5k Views
    K
    Hopefully this isn't an ongoing bug because it's pretty crippling.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.