random no internet. DNS?

gjkrisa

hi i need help figuring out how to troubleshoot why i and another site randomly loose connection I have tail scale setup on the remote location and when they tell me there is no internet im able to still connect.

during this time i noticed some packet loss.
i have pfsense as main dns the 1.1.1.1 , 8.8.8.8 cloudflare being the fastest after local
only those two in the general setup.
what way should I track this to troubleshoot the issue.
currently just got 100% packetloss on dhcp4 but dhcp6 is rtt .07 rttsd 1.0ms 0% loss

stephenw10

When this happens what error do you see on clients trying to connect out? A resolution error?

Are LAN clients using pfSense for DNS? is pfSense running Unbound (the Resolver) in it's default mode?

Where are you seeing that packet loss? Against what target IP?

Steve

gjkrisa

@stephenw10
Dns is mostly pfsense defaults haven’t changed any clients.
But I now have google and cloud flare set up ask backup dns plus the ipv6 versions so I have 8 dns servers
There were no ipv6 dns setup so I added that.
I was seeing loss on the dashboard gateway.

Next time it happens Ill see what firewall blocks are mostly happening.

Setting up graylog and maybe zabbix.

Just need to know what to look at next time it happens.

Gertjan

@gjkrisa said in random no internet. DNS?:

I was seeing loss on the dashboard gateway.

That's a pretty solid proof that your 'random no Internet' is not related to DNS.

If you see a 'loss' here :

then say to yourself : even a very small ICMP ('pin') packets can't go up, and back anymore.
Like talking over a phone line which is momentarily ruptured. That doesn't work out very well.

So, DNS will start to fail, as visiting web servers with your browser, retrieving your mails, or stream something.

An Internet connection is pretty resilient, so, when traffic gets lost, it will get re demanded, over and over, up until some time out says : stop. That is the moment the user (you) see errors.

Btw : check also Status > Monitoring and select Quality left axis, with your WAN interface. It should show a stable line, no losses.

@gjkrisa said in random no internet. DNS?:

i have pfsense as main dns the 1.1.1.1 , 8.8.8.8 cloudflare being the fastest after local

@gjkrisa said in random no internet. DNS?:

But I now have google and cloud flare set up ask backup dns plus the ipv6 versions so I have 8 dns servers

1.1.1.1 and whatever else you entered isn't needed / neither used.
Your resolver is resolving.

@gjkrisa said in random no internet. DNS?:

There were no ipv6 dns setup so I added that.

Your are resolving.
This means that [the resolver uses the one of these](Root name server). See the list and their location.
They all have an IPv6 and an IPv6. The list with these IPs are build into the resolver - they never change. They were there since DNS was created, that was probably the second day after the birth of Internet.
They all are heavily CDNed.
Be aware : you need to have a working IPv6 connection otherwise you will experience big delays. Every modern OS, and also pfSense, based upon FreeBSD, uses first IPv6 and if that fails, if falls back to IPv4.

stephenw10

Indeed that sounds like a more general connectivity error. The error shown at the client when this fails should give you more info though.

gjkrisa

@Gertjan
Seeing 3% loss not complete also able to log in thru Tailscale but everyone else on the network can’t resolve anything

JonathanLee

@Gertjan cloudflare is so fast compared to others. I use port 853 also for it.

JonathanLee

@gjkrisa traffic shaping drops packets what's your limits you set up? Try Codel queus. If the limit is reaching it will drop packets on tail end. Do you use traffic shaping?

stephenw10

So clients are unable to resolve anything when this happpens but pfSense itself can? In Diag > DNS Lookup?