DNS Resolver and Forwarder not Working

tactilebiscuit4

@steveits I have firewall rules like the image for LAN OPT1 and OPT2.

Network interfaces is set to all and Forwarding is off currently, but doesn't fix the issue when its on.

viragomann

@tactilebiscuit4
Did you mess with the outbound NAT?

tactilebiscuit4

@viragomann I haven't messed with it at all. It's still the default setting.

viragomann

@tactilebiscuit4
Did you also state the Cloudflare and Googel server in System > General Setup?

What if you try to resolve a host name on pfSense in Diagnostics > DNS Lookup?

What do you get if you resolve a name with nslookup on Windows? What is the responding server?

Gertjan

@tactilebiscuit4

Your image is strange.

A modem in bridge mode on the left side.
The line between this modem goes to the pfSense box : to it's WAN interface.
What is the other WAN round circle in the right bottom corner ?

johnpoz

@gertjan said in DNS Resolver and Forwarder not Working:

What is the other WAN round circle in the right bottom corner ?

Good question ;)

tactilebiscuit4

@viragomann I did set them in General Setup. I get the below picture when doing DNS lookup from the pfsense box.

On windows it gives me the IP of the PFSense router but doesn't resolve the hostname of my router and then tells me the DNS request timed-out.

tactilebiscuit4

@johnpoz @gertjan Sorry its my poor diagraming skills lol. I was thinking about the 4 ports on the box and didn't think out how that looked.

Modem is plugged into the WAN port and getting a valid Public IP

Gertjan

@tactilebiscuit4

Ok, that looks pretty basic to me.
I have nearly the same setup, with the exception my ISP device is a router, delivering a RFC1918 like "192.168.10.3" as a WAN IP to my pfSense.
When setting up pfSense it has initially just a LAN (no OPTx) and a WAN.
Just giving it a host name, a domain name and leaving the DNS server list empty :

and everything start to work.

A less known secret is (and please keep this for yourself) is that pfSense is like every other router you can buy out there.
I presume you had to chose as a WAN access the "pppoe" mode, and enter a ISP user + password. And that's it, DNS will start working. pfSense will work.

Now you can create your OPTx interfaces like this :

and define a pass firewall rule for these interfaces.
Then add a DHCP server instance for these interfaces with a IP pool.
And done.

SteveITS

@tactilebiscuit4 Can pfSense traceroute to 8.8.8.8? (Diagnostics menu)

tactilebiscuit4

@steveits

It can traceroute Googles DNS IP

tactilebiscuit4

@gertjan Right, I have done that. However, I didn't set up the WAN interface with PPPoE. I set it using DHCP. It gets the correct Public IP. The DNS didn't work even before I set up my OPT1 and OPT2 interfaces. I have a 1200 mbit connection with Xfinity.

viragomann

@tactilebiscuit4
Can you please post the outputs of

ifconfig

and also of

dig @8.8.8.8 google.com

Gertjan

@tactilebiscuit4 said in DNS Resolver and Forwarder not Working:

I set it using DHCP.

Have you checked (set) this option on the General > System setup page :

?

Is there a open access to "all internet addresses", port 53, protocol UDP and TCP ?

tactilebiscuit4

@gertjan @johnpoz @viragomann @SteveITS I seem to have fixed the issue over the weekend. I am not sure what was wrong but re-installing with the newest version allowed me to use the DNS Resolver. I was using an older version. But installing with 2.6.0 fixed the issue for me. I did notice, however, that when rebooting with the older version, the DNS Resolver service was taking a while to start up. I never actually chekced the services running on the router so its possible that the service was just not able to start. I did "Restart" the service through the Web GUI a few times and it never gave me any indication that it didn't work. Its possible the service was not actually started or in a hung state. Thanks for all your help though, really appreciate all the responses!