So far so good, I manually configured the interface and I think it has been fixed.

@aslatius said in DNS Resolver Infrastructure Cache Speed:

The reference to the DHCP registration

It works like this : every time a DHCP lease comes in, unbound is restarted.

https://www.netgate.com/docs/pfsense/dns/index.html


@bjk said in DHCP fails silently, but works on reboot of pfSense:

Should I start a new thread concerning why my VLAN interfaces are not showing up in the GUI? Any other thoughts on this? Any suggestions on things to try to maybe understand what might be happening here? thx again

Yeah that's a separate issue and I can't reproduce it here at all. I can't see why it would behave inconsistently either.

Just want to say that I also have this issue on 2.4.4. I've checked the logs to find this

Nov 13 09:43:51 dhcrelay Disabling output on BPF/vmx1.2202/00:50:56:94:4b:66
Nov 13 09:43:51 dhcrelay Disabling input on BPF/vmx1.2202/00:50:56:94:4b:66
Nov 13 09:43:51 dhcrelay receive_packet failed on vmx1.2202: Device not configured

repeated for each interface setup for DHCP Relay. Restarting the service fixes it, but I'd rather not take mcarson75's solution of setting up a cron job to fix this.

Wild guess: You are running pfBlockerNG and one of your lists is blacklisting dyndns.org. Go to Diagnostics -> DNS Lookup and see where members.dyndns.org resolves to. If that isn't the problem open https://members.dyndns.org in your browser and check it's certificate, they may have messed up something on their end.

If you want more accurate help you need to provide details about your setup.

Great tool and pfSense is the best ;)

0_1541660663703_8226a5d3-f749-487b-b5ad-278b45054091-image.png

The interface is enabled. DHCP is not required on this interface as a Windows server server is providing it. Rules are based on VLANS not interfaces so the Rules follow the re-assignment of the vlan to a different interface. DNS is failing when it's on the different interface. orig int = igb0 new int = igb3.

@jdeloach said in Unbound Log Entries:

Can someone tell me what these entries in the unbound log mean. Are these something I need to be concerned with?

Nov 3 00:40:57 unbound 61464:0 info: generate keytag query _ta-4a5c-4f66. NULL IN
Nov 2 12:45:26 unbound 61464:0 info: generate keytag query _ta-4a5c-4f66. NULL IN
Nov 2 01:21:56 unbound 61464:0 info: generate keytag query _ta-4a5c-4f66. NULL IN
Nov 1 13:51:52 unbound 61464:0 info: generate keytag query _ta-4a5c-4f66. NULL IN
Nov 1 02:55:48 unbound 61464:0 info: generate keytag query _ta-4a5c-4f66. NULL IN
Nov 1 02:55:46 unbound 61464:0 info: start of service (unbound 1.7.3).

Hi,
Maybe this would help :)

https://nlnetlabs.nl/pipermail/unbound-users/2018-March/005110.html

For clarification it was a 502 Bad Gateway error, not a 403.

I was able to get this resolved finally. My gut was right, the issue was on the HyperV switch side and not on pfsense. I had to setup the virtual switch for trunking with powershell scripts since its not possible with the GUI. Once I did that it was straighforward. A word of caution for others who attempt this any changes done through powershell will be overwritten by the GUI if you modify there. So take extra caution.