Upgraded from pfsense+ 23.01 to 23.05 loss of internet connectivity after upgrade

RobbieTT

@killerb You will get better responses with more information and proper screenshots uploaded to this forum. People are often wary of clicking on an external link, however well motivated.

️

killerb

@RobbieTT Thank you for the suggestion.

See image uploaded below as I can't edit the original post.

RobbieTT

@killerb Thanks but really, an actual photo of a monitor screen? Anyway, moving on.

Please post some details too - we do not even know what your pfSense is running on. I guess with the photo we can rule out an official Netgate router or a VM running on a NASA super computer, so I guess we are closer.

Some idea of your topology such as what your WAN service is, how it is delivered, what interface it is physically connect to etc would really help.

️

haraldinho

@RobbieTT My system is also refusing to do DNS after the upgrade. I run on a Netgate 6100 Max.

The connectivity is there, I can ping any IP address, however it seems to not do forward lookups outside my self configured DNS entries. Below a dig with 9.9.9.9 and a dig result through my own DNS.

haraldinho@MBPVH ~ % dig @9.9.9.9 google.com

; <<>> DiG 9.10.6 <<>> @9.9.9.9 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60077
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com.			IN	A

;; ANSWER SECTION:
google.com.		262	IN	A	142.250.179.206

;; Query time: 139 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Sun May 28 17:52:01 CEST 2023
;; MSG SIZE  rcvd: 55


haraldinho@MBPVH ~ % dig @192.168.1.1 google.com

; <<>> DiG 9.10.6 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 14522
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1432
;; QUESTION SECTION:
;google.com.			IN	A

;; Query time: 6 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun May 28 17:54:46 CEST 2023
;; MSG SIZE  rcvd: 39

What I noticed is that when I disable "Enable Forwarding Mode" and "Use SSL/TLS for outgoing DNS Queries to Forwarding Servers", save and apply changes, and then enable both again it starts working again until the next reboot.

@killerb does this also work the same for you? I don't want to steal your topic

killerb

@RobbieTT I am running a home built box. intel i3-9100 with 8gb ram and 250 gig nvme. Xfinity cable internet. The modem (xb8 lastest gateway) is in bridge mode connected to the pfsense box. Intel X710T2L nic. pfsense shows my wan address correctly just no internet connectivity until I flip routing between automatic and wan_dhcp. Reboot and no internet again.

killerb

@haraldinho kind of a different situation, I think. I can't ping anything. I have go to routing and flip back and forth between automatic and wan_dhcp for internet connectivity again.

haraldinho

@killerb were you able to resolve your issue? I was not able to spend time on mine in the past week, so I am still on 23.01.

killerb

@haraldinho No. couldn’t get any help so I’ve switched to Sophos Firewall.

stephenw10

When you set a different default gateway it adds back the default route. If you test it again I would try just resaving the gateways page without changing the gateway and see if that also restores connectivity.

If it is booting with no default route I would suspect there is some conflict. Odd that it's only during boot though.

Steve

killerb

@stephenw10 Back to pfSense from Sophos. Glad to be back. That is all I will say. Fresh install of 2.7.2 CE and upgraded to 23.09.1 plus on a new NVME drive. No other hardware changes. All is working perfectly out of the box. I have purchased TAC Lite. I didn't realize before I was on home/lab license so I didn't get any kind of support except for community. All is right in the pfSense world now.