Unable to ping google.com but successfully ping 8.8.8.8
-
I am a newbie to pfsense. For many years, I've been using Netgear as my router but after reading about pfsense, i have decided to migrate to pfsense.
My existing Netgear router has the DNS setting - Get DNS Address automatically from ISP.
I have tried 3 difference variation of install but all unsuccessful
Please help
-
@apal00 said in Unable to ping google.com but successfully ping 8.8.8.8:
My existing Netgear router has the DNS setting - Get DNS Address automatically from ISP.
That's what we call DHCP.
Unable to ping google.com but successfully ping 8.8.8.8
So possibly you cannot resolve host names. Maybe due to wrong DNS settings?
But from where? From pfSense or from a device in the LAN?Consider that by default pfSense use other DNS servers for its own purposes than for the DNS resovler which is provided to LAN devices.
If you cannot resolve names in LAN check which DNS server the device is using and if pfSense allows the access to it.
-
@viragomann Same issue, pfsense, and laptop connected to pfsense. DNS settings are all default.
-
@apal00
Check if you can resolve google.com.
On pfSense: Diagnostic > DNS lookup
On Windows on the command prompt:nslookup google.comDo you get an IPv4 on WAN?
-
@viragomann From PC:
nslookup google.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-outDiagnostics DNS Lookup
Host "google.com" could not be resolved.
DNS Lookup
Hostname
google.com
Timings
Name server Query time
127.0.0.1 0 msec
192.168.10.1 No responseInterfaces
WAN UP 1000baseT <full-duplex> 192.168.10.35
LAN UP 1000baseT <full-duplex> 192.168.1.1WAN IPV4 Configuration Type:DHCP
WAN Bloack Private/Bogon network option-unchecked
Default Firewall - No entry in WAN -
@apal00 said in Unable to ping google.com but successfully ping 8.8.8.8:
Get DNS Address automatically from ISP.
Could you show your dasboard I want to see what it shows on the dns server please.
-
@silence login-to-view
I would like to call out that it takes almost a minute to load dashboardlogin-to-view -
-
-
@apal00 said in Unable to ping google.com but successfully ping 8.8.8.8:
Diagnostics DNS Lookup
Host "google.com" could not be resolved.
DNS Lookup
Hostname
google.com
Timings
Name server Query time
127.0.0.1 0 msec
192.168.10.1 No responseSo pfSense gets no response from the stated DNS server 192.168.10.1.
The reason won't be on pfSesne. Ensure that the server is responding or set another one in System > General Setup.
If you want to use another, remove the check at "DNS Server Override". -
@viragomann said in Unable to ping google.com but successfully ping 8.8.8.8:
set another one in System > General Setup.
While sure he should get a response from there - out of the box pfsense would resolve, and that server doesnt' matter.
I would say his wan going offline and not the sendto errors to his pfsense gateway 192.168.10.1 would be more of a clue that his connection isn't even working.
Its quite possible his upstream router doesn't allow for dns to roots, etc. maybe it is doing dns interception?
-
@johnpoz
Agree. But it's also thinkable that he is running a DNS forwarder, so DNS requests from behind are going to his router.
I would expect, that he would talking notice if his WAN is going offline. -
@viragomann said in Unable to ping google.com but successfully ping 8.8.8.8:
that he would talking notice if his WAN is going offline.
You would think ;) But he made no mention of it other than posting it.. That was just the latest log interies. Nor did he make any mention of changing the default unbound.
Ya know something like I changed my unbound to forward, and its not working ;)
-
-
-
@silence issue remains after those changes.
@viragomann - i've unchecked the DNS Server Override with DNS server set as 8.8.8.8 but no success
@johnpoz @viragomann - I did notice that error of sendto 65 error and those are right after the installation. Reason I've ignored those is that I am able to ping 8.8.8.8, 1.1.1.1, 192.168.10.1 and other machines on 192.168.10.1 network. All nslookup requests are failing.
I've also noticed that the date & time in log files seem to be incorrect. I believe it is because of the DNS resolution issue again. pfsense is not able to synchronize the clock using ntp service in the general setup
login-to-view login-to-view login-to-view login-to-view login-to-view login-to-view -
@apal00 so your forwarding to your upstream router and googledns. But then you asked for 192.168.10.1
Try and resolve something like www.google.com or www.cnn.com etc.
if those does not resolve when your forwarding - then you have serious issue upstream, etc.
BTW having dnssec enabled while forwarding doesn't make a lot of sense, where you forward either does dnssec or it doesn't having that enabled does really nothing. It shouldn't cause you failure to resolve something like www.google.com, but its not a good setting when forwarding.
-
@johnpoz
@viragomann
@SilenceThank you so much for your support. I am able to resolve this issue. Root cause seems to be related to Intel i225v Intel 2.5G Nic. It seems there is an issue most likely in FreeBSD version used by pfsense 2.5.2. It is not fully supporting this nic card.
Steps to resolve this issue:
System-->Advanced -->Networking
Network Interfaces
Hardware Checksum Offloading - I had to check this box. Checking this is to disable hardware checksum offload.Thank you once again,