Netgate Discussion Forum

    Pfsense and network DNS

    DHCP and DNS
    Tags: dns, pfsense 2.7
    27 Posts 3 Posters 2.9k Views
      swampland7794 @johnpoz

      @johnpoz I would send you a screenshot, but I can't figure out how to upload one from Android. That's what my options are set to under general settings. It shouldn't use 127.0.0.1 since that's the loopback address.

        johnpoz LAYER 8 Global Moderator @swampland7794

        @swampland7794 said in Pfsense and network DNS:

        It shouldn't use 127.0.0.1 since that's the loopback address.

        Not if you set it to use remote and ignore local.. As to posting a screen shot use this button

        post.jpg

        Or you could use this to post some external image

        external.jpg

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

          swampland7794 @johnpoz

          @johnpoz thanks, I pressed the wrong icon.
          Screenshot_20231222_093230_Firefox.jpg

            swampland7794 @swampland7794

            @swampland7794 I unchecked that option after the screenshot was taken.

              johnpoz LAYER 8 Global Moderator @swampland7794

              @swampland7794 well when you do your dns lookup now under diagnostics what do you see.. From your screenshot before that IP answered - but looks like it couldn't lookup google.. But showed a 0 ms response time..

              Query something you know your local dns has a record for, or can lookup.. do a simple query to it with your fav tool other than pfsense for example..

              dig.jpg

                jrey @johnpoz

                @johnpoz said in Pfsense and network DNS:

                seems unlikely that a new user would be doing that

                True, but you never know, if you don't ask.
                Take my wife for example. Give her a piece of tech and she pokes buttons "learning". Then in a few days hands the device back to me, and says "it is broken, can you make it go". First question is always, "so what did you poke?".

                Maybe he set up some sort of pfblocker rules that are doing it?

                not likely. Although there was a report a while back, that one of the "lists" had added 9.9.9.9 (in error) and anyone using that list, with that DNS suddenly didn't resolve.

                in the very first post,

                @swampland7794 said in Pfsense and network DNS:

                I have a mini server with technitium DNS server on it and I changed pfsense general settings to have this device as the only DNS server,

                I noticed that all of my devices are using my DNS server except pfsense itself.

                The IP address for DNS at 203.x.y.z doesn't seem like his local "have a mini server with technitium DNS server"

                that address seems more like

                inetnum:        203.128.32.0 - 203.128.63.255
                netname:        SawasNet
                descr:          Beijing Sawas Technology Co.LTD.
                descr:          Room 608,Beihang Boyan Building,No.238 Fouth
                descr:          Northern Central Road,Haidian District,Beijing
                country:        CN
                
                  swampland7794 @johnpoz

                  @johnpoz I chose Google and my docker server.

                  Screenshot_20231222_100255_JuiceSSH.jpg

                    swampland7794 @jrey

                    @jrey I manually set my subnet to something obscure like 203.128.45.0/24 which puts my pfsense box at 203.128.45.1 and my mini server at 203.128.45.2

                      jrey @swampland7794

                      @swampland7794 said in Pfsense and network DNS:

                      set my subnet to something obscure

                      randomly or do you own the address space?

                        swampland7794 @jrey

                        @jrey randomly

                          johnpoz LAYER 8 Global Moderator @swampland7794

                          @swampland7794 said in Pfsense and network DNS:

                          subnet to something obscure like 203.128.45.0/24

                          Yeah NOT a good idea at all, while technically you can do it - it's a horrible idea to do that.. that space is owned by

                          inetnum:        203.128.32.0 - 203.128.63.255
                          netname:        SawasNet
                          descr:          Beijing Sawas Technology Co.LTD.
                          

                          Whatever you're doing your query to refused it.. You would have to look to the ACL you have set on that NS you're sending the queries to.

                            jrey @johnpoz

                            @johnpoz

                            so what I said regarding ownership (good we agree) : 😊

                            @swampland7794

                            https://en.wikipedia.org/wiki/Private_network

                              johnpoz LAYER 8 Global Moderator @jrey

                              @jrey yeah it's horrible practice to just pull public space out of thin air and use it locally.. You have all of rfc1918 to use, there is zero reason to use public space that you do not own.


                              S 1 Reply Last reply Reply Quote 0
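
Added example, not part of any post in this thread: a small IPv4-only Python check for the point made above about pulling public space out of thin air instead of using RFC 1918. The `audit` function and both sample configurations are constructed here from the addresses quoted in the thread; 192.168.45.2 as the renumbered mini server is an assumption.

```python
import ipaddress

# RFC 1918 private ranges, the space recommended above for local use.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(net):
    """True if the whole IPv4 network sits inside one RFC 1918 block."""
    return any(net.subnet_of(block) for block in RFC1918)


def audit(lan_subnets, dns_servers):
    """Return (item, finding) tuples for a LAN and resolver configuration.

    lan_subnets: CIDR strings configured on local interfaces.
    dns_servers: resolver IPs configured under general settings.
    """
    findings = []
    lans = [ipaddress.ip_network(s, strict=False) for s in lan_subnets]
    squatted = [n for n in lans if not is_rfc1918(n)]
    for net in squatted:
        findings.append((str(net), "LAN subnet is outside RFC 1918"))
    for raw in dns_servers:
        ip = ipaddress.ip_address(raw)
        if ip.is_loopback:
            findings.append((raw, "loopback resolver (the firewall itself)"))
        elif any(ip in n for n in squatted):
            findings.append((raw, "resolver address is in public space "
                                  "owned by someone else"))
        elif any(ip in n for n in lans):
            findings.append((raw, "local resolver on an RFC 1918 LAN"))
        else:
            findings.append((raw, "external resolver"))
    return findings


# Constructed sample configurations (addresses as quoted in the thread;
# 192.168.45.2 for the mini server after renumbering is an assumption).
BEFORE = audit(["203.128.45.0/24"], ["203.128.45.2", "127.0.0.1"])
AFTER = audit(["192.168.45.0/24"], ["192.168.45.2", "1.1.1.1"])

if __name__ == "__main__":
    for label, result in (("before", BEFORE), ("after", AFTER)):
        print(label)
        for item, finding in result:
            print(f"  {item}: {finding}")
```
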
                                swampland7794 @johnpoz

                                @johnpoz oh that's bad. I changed it to 192.168.45.0/24. Thanks for telling me!

                                  swampland7794 @swampland7794

                                  @swampland7794 I changed the DNS address to 1.1.1.1 and changed the subnet... I messed my home network and I don't have access. I'll fix it when I get home tonight and we'll see if that resolved my issue.
