• Can't ping any LAN hosts by host name

    21
    0 Votes
    21 Posts
    4k Views
    P
    @rcoleman-netgate said in Can't ping any LAN hosts by host name: Bridging in BSD should be used in a very sparing, limited function. It's not a switch, it's a router. @redbearak said in Can't ping any LAN hosts by host name: If bridging is really something BSD can't do reliably, If you really wanted bridging on your hardware you could run a Hypervisor such as Proxmox which does support bridging via underlying Linux. pfsense can then be run in a VM. A Linux bridge emulates a switch (not Hub by default) but may still be inferior to a dedicated switch. The complexity of running a hypervisor just to create a switch is likely to be poor use of your time. I run pfsense under Proxmox but pass through the NICs used by pfsense to optimise pfsense function and minimise the exposure surface however many others use VirtIO
  • 0 Votes
    1 Posts
    513 Views
    No one has replied
  • Virtual pfSense Not Assigning IPs

    Moved
    2
    0 Votes
    2 Posts
    529 Views
    R
    @danjmillier have you run a packet capture on the interface to see if it's seeing the DHCP requests?
  • descriptions on devices

    4
    0 Votes
    4 Posts
    883 Views
    R
    @jwwags92 DNS resolver would make it a universal setting to all items that use your pf to resolve... but you're still stuck in the spot of having to do it manually. Configuring a static-map is still a need, and while it usually works it won't help you when you have a static address already that needs an FQDN.
  • Dynamic DNS *NOT* Updating "Cached IP"

    36
    2
    0 Votes
    36 Posts
    12k Views
    S
    @viragomann Thanks. Will follow over there.
  • Unbound is still crashing, at least once daily.

    11
    0 Votes
    11 Posts
    3k Views
    GertjanG
    @mtarbox said in Unbound is still crashing, at least once daily.: service watchdog restarting, etcetera Be careful with that one. To keep things close to your profession : what happens when you electroshock a patient's heart when it is still beating ? Right, you stop it, and thus you're making things worse. Whenever possible, stop using the "service watchdog".
  • DNS Host Override not working

    8
    0 Votes
    8 Posts
    1k Views
    johnpozJ
    @cryptos said in DNS Host Override not working: Still doesn’t make sense, though, since the override should have returned the internal IP for internal queriers. Yeah - and you showed it did with your direct query. These browsers and their doh ticks me off to no end.. I don't think you can view what the browser shows as IP for fqdn in chrome, but firefox you can.. And it should list your doh settings on the top example [image: 1657673107615-trr.jpg] See my nas.local.lan - and what doh mode I am in, and if it came from TRR or not.. 5 - Off by choice. This is the same as 0 but marks it as done by choice and not done by default. You can never trust these guys these days... I have all known doh IPs blocked in pfsense as well.. If you couldn't tell, not a fan of doh ;)
  • Unbound dns resolver stops resolving every few days after 22.05 upgrade

    14
    0 Votes
    14 Posts
    3k Views
    GertjanG
    @pajinha said in Unbound dns resolver stops resolving every few days after 22.05 upgrade: not sure how they managed to screw this one. The forum mentions a couple of 'DNS' issues since 22.05. But, what is a couple ? 22.05 has been downloaded and installed many thousands of times (I can't tell, but I'm pretty sure). @pajinha said in Unbound dns resolver stops resolving every few days after 22.05 upgrade: ( removed my VPN outgoing interfaces ) If your DNS also goes over this VPN and the VPN is bad - as this can happen, they are not all equal and perfect - then, yeah, DNS looks bad. Because your uplink is bad. DNS is mostly UDP, these can get lost. unbound won't hammer away, and return a SERVFAIL. TCP gets renegotiated and is far more resilient. For now, my DNS using 22.05 using default settings and no VPN is working as before. And don't take my word for it, see for yourself.
  • NordVPN DNS servers seems to be down from my end but are apparently not

    15
    0 Votes
    15 Posts
    2k Views
    P
    @bob-dig Makes sense now that I read the tooltip differently. When the tooltip says "...if DNS Forwarder or Resolver is enabled" they mean enabled VS disabled from a service perspective and not on a per-interface basis.... That's what I misinterpreted. That'd be nice to be able to NOT run unbound on an interface and serve system DNS servers. IMO the DHCP server should pass DNS servers in the following order: If DNS fields are populated use their settings; Otherwise If unbound is running on the interface use interface IP Else pass system DNS servers That's probably more of an improvement idea than anything else. For now (and probably forever) I have copied the system DNS servers onto the DHCP fields for DMZ and I'm back to normal. Sorry about the confusion. Funny how something can be interpreted differently... Thanks for your patience @Bob-Dig !
  • DNS can't find itself

    1
    0 Votes
    1 Posts
    258 Views
    No one has replied
  • Cant ping Lan <-> Opt 1 ?

    21
    0 Votes
    21 Posts
    2k Views
    S
    @johnpoz That makes more sense, I agree. You think that perhaps client (windows or mac) firewall deactivation only happened after a reboot ? If so that is bad behaviour, hope it doesn't do that when enabling it !
  • Domain name of pfsense via Cloudflare

    18
    0 Votes
    18 Posts
    2k Views
    johnpozJ
    @scroll_dp said in Domain name of pfsense via Cloudflare: that routing public IP to lan network That is a port forward.. You mean you want a "dmz host" like home routers allow you to do? You could do that with a 1:1 NAT - again BAD IDEA!!!
  • TRUE remote unbound-control(8) from another host

    1
    0 Votes
    1 Posts
    307 Views
    No one has replied
  • dhcp shortcut addresses/entries?

    10
    1
    0 Votes
    10 Posts
    1k Views
    M
    @johnpoz @keyser So ty for the screenshot, I didn't have source advanced matched correctly.. And I was trying to redirect to another host.. so I am now seeing ntp clients on the router.. but of course (without physically going to each host..) I have another question.. pfsense host tcpdump -v -i igb0 dst port 123 and src net 10.20.0.0/16 -n -vvv bare metal (void) linux host.. tcpdump -v -i enp1s0f0.173 dst port 123 and src net 10.20.0.0/16 -n -vvv [image: 1657326398429-657bfd16-2a1f-4e81-994a-f9b8f7bbdce7-image.png] What is up with all the time disparities? 1 and 4 look fine.. what is up with 2, 3, and 5? The host on top is pfsense and running ntpd, host on bottom is running chronyd.. host 1 is another pfsense, host 2 is a bare metal linux which locally reports correct time, host 3 is an esxi vm also locally reporting correct time, host 4 is an esxi windows vm locally reporting correct time, host 5 is an axis camera locally reporting correct time.. I just wouldn't have expected to see all those different times.. This was the host I was testing from originally.. (which also looks correct locally and in the tcpdump..) [image: 1657326939985-a1f81a54-a519-4357-a250-dfaca34d2e04-image.png] Random host had this to say about tcpdump timestamps.. (https://weberblog.net/packet-capture-network-time-protocol-ntp/) "transmit timestamp: “Time at the server when the response left for the client.” This is the most interesting timestamp in those NTP packets since it shows the time the NTP client/server had as it sent the NTP packet. If you roughly want to know the time by looking at an NTP packet, look at this transmit timestamp."
  • Multiple MAC per IP? strange...

    1
    1
    0 Votes
    1 Posts
    252 Views
    No one has replied
  • DNS not forwarding on ethernet clients

    3
    0 Votes
    3 Posts
    677 Views
    L
    @rcoleman-netgate No. I have one lan interface from the pfsense router that connects to a switch. They are all in the default VLAN.
  • OpenVPN DNS Server for Certain Geo-blocked devices

    1
    0 Votes
    1 Posts
    308 Views
    No one has replied
  • Bind as slave

    1
    0 Votes
    1 Posts
    297 Views
    No one has replied
  • DHCP wont start after a power outage

    [help]
    17
    0 Votes
    17 Posts
    2k Views
    GertjanG
    @ofir29200 said in DHCP wont start after a power outage: 10 PC was running 1 year straight without a power outage (but then it became unresponsive, so I had to reboot it...) That's pretty darn good for a consumer grade desktop OS. Still, as this is consumer desktop OS, after the reboot I would bet heavily on "issues" after such a period. You were also skipping major security updates .... that's something I wouldn't even dare to do.
  • Huge DNS traffic?

    9
    0 Votes
    9 Posts
    1k Views
    GertjanG
    @deanfourie said in Huge DNS traffic?: pi Things get easier now. Who admins this thing ? You ? Go for the easy choice : rip it out of your network. Solved ;) Or go for the Youtube 'wtf is a pi anyway' series. You'll be in for some pretty good DNS info ;) edit : Btw : pi and pfBlockerng-devel do somewhat the same thing. Using both == annoying at best.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.