hi guys thank you so much for helping me…  like yu said its as a router has connected to my network . so it was going down every time . now fixed . working like great . thank you sooo much ...  ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D so lucky to have you guys

Phil, Followed your instructions, went into the GUI, set up the "upstream gateway" and now things are working fine…Thanks again for the advice...

I agree that most phones have a fail-over registration but some don't and those who do only have two entries (we may want to fail-over to one of three locations, two in the cloud one onsite). Does anyone know how to do this in the router itself?

Got it fixed, Not sure exactly why it was doing this but I booted into slice 2 and that was working so I copied Slice 2 to Slice 1 and after that I never had the issue again.

@ghostshell: No plex I would beg to differ to be honest.. 14:26:41.306997 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 49)     192.168.1.30.42027 > 192.168.1.255.32412: UDP, length 21 14:26:41.307097 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 49)     192.168.1.30.56755 > 192.168.1.255.32414: UDP, length 21 Clearly 192.168.1.30 is broadcasting traffic on well known plex ports.. https://support.plex.tv/hc/en-us/articles/201543147-What-network-ports-do-I-need-to-allow-through-my-firewall- The following ports are also used for different services: UDP: 1900 (for access to the Plex DLNA Server)     UDP: 5353 (for older Bonjour/Avahi network discovery)     UDP: 32410, 32412, 32413, 32414 (for current network discovery)     TCP: 32469 (for access to the Plex DLNA Server) While sure it could be something else - this is the only use of those ports that I am aware of.. Without seeing the actual sniff that can open in wireshark or something - that would be my guess to what the traffic is. And again - this traffic has nothing to do with file transfers between 2 boxes on the 192.168.1.0/24 network - since pfsense would never even see that traffic.  This is just typical broadcast noise..

Yeah I would sniff to see exactly what the client is sending back if anything. Under diag on pfsense just sniff on the lan interface for say port 67 You should then see the discover from the client, the offer from the server, the request from the client and then the ack from the server. What exactly are you seeing in this transaction?

Hi Guys sorry for the late reply ….All VLAN are virtual interface i created on Pfsense..... and all the VLAN are tagged to the Lagg i created ... i setup our HP switch in L2 Mode but it is not just acting as a layer 2 .... today i'm getting replacement from HP will update you the status... oh and Hybrid is a port when we tagged multiple vlan .... Thanks.... :-)

Yep, agreed - likely easier to just purge the data, start again (as there are thousands of lines in the table, don't really want to change each line …  ;)). Thanks for all the help!

I purchased a TP-Link TD-8616 ADSL2+ Modem and setup my WAN with PPPoE instead of DHCP through the bridged modem. This seems to be working find, so it looks like I'll retire the Dlink DSL-2320B and call it done.

The DHCP server assigns based on the MAC address so you can have whatever you want as a name in pfSense and the local DNS regardless of what the client sends to the DHCP server in the way of a name. I see this on several items of equipment where I have more than one and they all provide the same name. I never even considered it an issue until I discovered the Ubiquity Edge Router software had problems with it.

Awesome, I have allowed the IP address of the secondary server to do zone transfers and added a firewall rule allowing inbound 53 TCP. Thanks guys!

Thanks!

Its not that nslookup appends .home - it will append whatever domain your computer is in, or whatever your search suffix search is.  Which can be quite long depending how you set it up. You can view this with ipconfig /all example C:>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : i5-w7   Primary Dns Suffix  . . . . . . . : local.lan   Node Type . . . . . . . . . . . . : Hybrid   IP Routing Enabled. . . . . . . . : No   WINS Proxy Enabled. . . . . . . . : No   DNS Suffix Search List. . . . . . : local.lan Notice domain is local.lan, if I just do a query via nslookup for just a host name it auto appends the search suffix - in my case .local.lan - sure if you setup network to use .home as your domain then it would append those to your searches.. So see attached sniff of when doing a nslookup for pfsense, the nslookup command fist does a PTR for the dns server in my case 192.168.1.253, you will then see it do query for A and AAAA both with .local.lan in the query even though I only did query for pfsense now if I did a query for say whatever.something.com you notice it still appends in the first query .local.lan - it gets no response for this so walks up the tree and says lets try without the suffix, see the query without the .local.lan If you don't want the query for your search suffix to be appended then you have tell nslookup hey this exactly what I want - don't add anything by putting . on the end.  3rd attachment notice it only does query for exactly what I asked for - no added suffix to the query. [image: query.png] [image: query.png_thumb] [image: otherquery.png] [image: otherquery.png_thumb] [image: endwithperiod.png] [image: endwithperiod.png_thumb]

very odd..  But sounds like your good to go then.

Again you did a query for a domain that doesn't even exist most likely dnstest.mydomain.com**.home** Is not dnstest.mydomain.com If setup tiny to be authoritative for mydomain.com, and created an A record for dnstest in that domain..  Doing a query for dnstest.mydomain.com**.home** tiny will tell you pretty much F off ;) if you didn't set it up for recursive. As to what its authoritative for - it would only be authoritative for the zones you created on it..

WAN interface is configured as DHCP client so no dhcp server setup on WAN. DHCP server is running on a router and a static ip has been reserved for MAC address of pfsense wan to stop chatter on the line.

It looks like the issue was that we decommissioned workstations without removing them from Active Directory. The DNS records of the old workstations stayed on the domain controller while the new workstations were joining, and I ended up with multiple DNS records pointing to a single IP address. The DNS/ActiveDirectory forwarding is working fine with pfSense, I have a similar setups at other sites.

Thank you very much for the inputs, appreciate it. Regards.