Well of course. If it was a /32, there would be no addresses left to assign to anything. Glad it's working for you now.

So today I came home and my unbound resolver service was randomly stopped and non intnernet working on devices. When trying to access websites browsers said (chrome) DNS_PROBE_BAD_CONFIG just like the same error I get when my DNS is slow.

I pressed the 'play' button in my services and the internet is working again.

Here's the logs, I dont see anything that caused a 'fatal error'?

Oct 2 19:21:01 unbound 53471:0 info: 0.016384 0.032768 54 Oct 2 19:21:01 unbound 53471:0 info: 0.032768 0.065536 84 Oct 2 19:21:01 unbound 53471:0 info: 0.065536 0.131072 3 Oct 2 19:21:01 unbound 53471:0 info: 0.131072 0.262144 5 Oct 2 19:21:01 unbound 53471:0 info: server stats for thread 1: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimiting Oct 2 19:21:01 unbound 53471:0 info: server stats for thread 1: requestlist max 0 avg 0 exceeded 0 jostled 0 Oct 2 19:21:01 unbound 53471:0 info: server stats for thread 2: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimiting Oct 2 19:21:01 unbound 53471:0 info: server stats for thread 2: requestlist max 0 avg 0 exceeded 0 jostled 0 Oct 2 19:21:01 unbound 53471:0 info: server stats for thread 3: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimiting Oct 2 19:21:01 unbound 53471:0 info: server stats for thread 3: requestlist max 0 avg 0 exceeded 0 jostled 0 Oct 2 19:21:01 unbound 53471:0 notice: Restart of unbound 1.8.1. Oct 2 19:21:48 unbound 53471:0 notice: init module 0: iterator Oct 2 19:21:48 unbound 53471:0 info: start of service (unbound 1.8.1). Oct 2 18:59:37 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process. Oct 2 19:02:13 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process. Oct 2 19:02:33 php-fpm /index.php: Successful login for user '****' from: *** (Local Database) Oct 2 19:02:46 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process. Oct 2 19:03:52 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process. Oct 2 19:04:59 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process. Oct 2 19:05:57 dhcpleases /etc/hosts changed size from original! Oct 2 19:05:57 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process. Oct 2 19:06:00 dhcpleases kqueue error: unkown

@viragomann I most surely did not (or had long forgotten about it). I was totally looking in the wrong place. Thank you for your help on a simple problem that was driving me crazy!!!

Services - DNS Resolver - Advanced Settings. Bump the log level from 1 to 2 or 3 and then try again. Do you happen to run the pfBlocker package?

Devices don't just go willy nilly changing their mac addresses ;)

Even when its a VM, the mac doesn't change for the vnic you created without you going in and actually changing it..

Which is completely up to the client to use or not use..

With linux you could add

request host-name

To the dhcp client config, but I am not aware of a way to get windows to ask for option 12 or use if offered.

Here
https://redmine.pfsense.org/issues/6799

And here is thread where me and derelict discussed it.. I am a fan of using the ! rule, but if your going to use them you have to make sure to double check your not running into any issues.

https://forum.netgate.com/topic/128202/invert-match-doesn-t-work

ok, i'm getting back to this finally. to answer your question the way my system has been working, with my old reliable cable internet, traffic connected to my isp dns through their dhcp server but i had a rule set up so that the alias (which were the computers i wanted on the vpn) to go to my vpn's dns servers.
At any rate the system worked as i described in my last post for about a week, then all went haywire and i had no internet again, so i decided to start fresh. i built a new box from spare parts and installed the latest and greatest pfsense on it. for my internet connection (wan) i selected PPPOE and put my user name and password in. then i configured my CA certificate stuff and went to the open vpn to add a client, on the line labeled "interface" i select wan (my PPPOE connection to the internet) i fill in alllllllll the other things and then when I save, I get a message saying that "An IPv4 protocol was selected, but the selected interface has no IPv4 address" so what am I doing wrong?

@johnpoz said in WPAD for two networks:

cool, i was wildly off course. thanks for that. need to provide the views for separate vlans.

I can say that if I use only the FritzBox for the internet connection (no pfsense involved) all is fine. There are no errors in the log files of the FritzBox. I have heard that the the Super Micro Board can have some issues. Can it be that the NICs are faulty?

I found an old thread where they discribed this issue. There is a solution to this but not for me I posted in this old thread.

And again there is ZERO reason to setup any dns in general with pfsense, since unbound out of the box "resolves" it does not use what you put in general.. Unless you change it to forwarder mode.

Doubtful. From what you've posted this would appear to be entirely contained somewhere inside FreeNAS. It's logging what it believes to be an alteration to something else on the FreeNAS system. The fact that the error mentions the actual IP address and MAC address of pfSense, and not something else, would appear to suggest that it's not a problem external to FreeNAS.

Slight possibility there is another device on the network also trying to be 10.0.1.1, but usually in that case you'd see an error logged on pfSense about another device attempting to use its MAC address.

There is always one who is late to the party. Sorry.
I suppose the MODS can delete this posts.

Awesome, thanks for the info. I changed it back to strictly DoT going directly to cloudflares publics.

@Fahrenhe1t said in PfSense dyndns setup with Hover registrar:

Thanks for creating this!

To clear up any confusion for anyone, when creating the DDNS client record for Hover, it asks for hostname and domain name.  In the instructions below it, it says to enter the fully qualified domain name in hostname.  However that did not work for me.  To update a host\domain name called "my.host.com," I entered like this:

Hostname: my
  Domain name: host.com

I also saw a post from M.Roth on the Hover Forums the following tips:

second-factor has to be disabled on the account, otherwise login does not work

a hostname has to be provided; * or @ is not accepted by the pfsense config

How does it look with multiple domain suffix, i.e. my.host.com, my.host.org, my.host.net?

Would I need separate entries in pfsense for each?

Thanks for that clarification.
I assumed that much as my LAN clients have no problem getting IPv6 leases.
I think I'm going to wipe this machine and build a new one. I would love to thinker with it and find out what exactly is causing this but unfortunately I just don't have that much time.
Thanks a lot for the help so far, it's really appreciated.