Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfSense resolver stops working

    Scheduled Pinned Locked Moved DHCP and DNS
    66 Posts 7 Posters 15.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • maverickwsM
      maverickws @johnpoz
      last edited by

      @johnpoz but in my case they aren't streaming boxes. They're application servers, database servers and alike. the webserver/dbserver was an accurate example of local connections here. We never connect to the web server using IPv6, but the web server does connect to services internally using ipv6. or used to, I guess.

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @maverickws
        last edited by johnpoz

        @maverickws sorry I might of gotten a bit off topic, I was just bitching about IPv6 dns clients in general...

        To me if you don't have a GUA, or at least ULA - there is zero point to asking for AAAA, sure ok maybe you have link local, but link local addresses don't belong in DNS..

        https://www.ietf.org/rfc/rfc4472.txt
        Operational Considerations and Issues with IPv6 DNS

        Section 2.1

        Link-local addresses should never be published in DNS (whether in
        forward or reverse tree), because they have only local (to the
        connected link) significance [WIP-DC2005].

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 1
        • lohphatL
          lohphat @maverickws
          last edited by lohphat

          @maverickws said in pfSense resolver stops working:

          I don't think it's memory related (could be wrong ofc) but I've never seen the pfSense be nowhere near it's limits either of memory or CPU.

          It's related to memory allocation unbound uses internally for its local data, not the entire memory on the appliance running out.

          See earlier post regarding unbound release 1.16.0 github notes

          SG-3100 24.11-RELEASE (arm) | Avahi (2.2_6) | ntopng (5.6.0_1) | openvpn-client-export (1.9.5) | pfBlockerNG-devel (3.2.1_20) | System_Patches (2.2.20_1)

          1 Reply Last reply Reply Quote 0
          • maverickwsM
            maverickws
            last edited by

            Hi guys I have an update on this, will update if it goes the other way:

            I was doing some changes on my home pfsense (where I have pfblockerng etc) and all of the sudden dns went a-wire.
            Ended up having to add the do-ip6: no option but that really wasn't making sense as I had updated in ages and haven't had issues so far. PLUS I have IPv6 here working well.

            So in the end I remembered I had enabled the Experimental Bit 0x20 Support option.
            Disabled it, haven't had issues since. A couple of hours.
            So I'm wondering how's your setups and what conflict could it be.

            johnpozJ 1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator @maverickws
              last edited by

              @maverickws Have had that enabled for YEARS.. zero issues with it.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              maverickwsM 1 Reply Last reply Reply Quote 0
              • maverickwsM
                maverickws @johnpoz
                last edited by

                @johnpoz

                i know i have it enabled at the pfsense on service and honestly thought it was so as well with the home pfsense. crossed my eyes on it, saw it was disabled, never gave it a thought, enabled. so far all ok since i disabled it again, let's see

                E 1 Reply Last reply Reply Quote 0
                • E
                  Erutan409 @maverickws
                  last edited by

                  @maverickws Did that end up fixing your issue?

                  maverickwsM 2 Replies Last reply Reply Quote 0
                  • maverickwsM
                    maverickws @Erutan409
                    last edited by

                    @Erutan409
                    Hi there,

                    From what I remember it solved my issue then, but I'm having another issue now I'll be making another topic for it.

                    1 Reply Last reply Reply Quote 0
                    • maverickwsM
                      maverickws @Erutan409
                      last edited by

                      @Erutan409 See if this means anything to you please

                      https://forum.netgate.com/topic/183918/unbound-resolver-failed-to-resolve-host

                      E 1 Reply Last reply Reply Quote 0
                      • E
                        Erutan409 @maverickws
                        last edited by

                        @maverickws Yeah, it also seems to be happening more frequently with me, too, all of a sudden.

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.