Netgate Discussion Forum

    Slow DNS resolution with PfBlocker/DNSBL

      romainp

      Hi,
      I have posted the same question at this place, not sure if it's a DNS or a PfBlocker/DNSBL issue:

      https://forum.pfsense.org/index.php?topic=130696.0

      In fact, my issue seems to be new with 2.3.4 and PfBlocker/DNSBL: when a computer wakes from standby mode, DNS is very slow and takes 30s until it finally works. With PfBlocker/DNSBL, it's much faster.

      Any idea?
      Thanks!

        BBcan177 Moderator

        Not sure what you mean by "Standby"?  If you are using RAMdisks then the /var folder is wiped on reboot which can cause issues… Check the system and Resolver and pfBlockerNG logs for additional clues...

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          romainp

          Hi!
          Sorry, I did not explain myself very well… Let me take a deep breath and start over :)

          • I have 2 laptops connected to my pfsense router.
          • I have activated pfblockerng.
          • I never shut down my laptops, I only close the laptop screen so it enters standby mode.
          • If I "wake up" my laptop by opening the screen (I do not know if this is the right term, sorry...), then in a few seconds, I get my internet connection up again and can surf the net quite quickly.

          Now:

          • I add the dnsbl option to pfblockerng.
          • I put my laptop in standby mode.
          • I wake up my laptop again.
          • The connection is up again but not the dns resolution. It takes 20 to 30 secs to have it working.

          If I disable the dnsbl option, then dns resolution is much faster when my laptop exits from standby mode and tries to connect.

          If it's still not clear, please let me know!

          Thanks!
          Romain

            BBcan177 Moderator

            Do you see the following domain listed in the Alerts Tab?

            msftncsi.com

            You could also try to grep to see if it's listed in DNSBL:

            grep "msftncsi.com" /var/db/pfblockerng/dnsbl/*

            If it's listed, whitelist that domain and see if that fixes your issue…

            Otherwise, review the pfBlockerNG Alerts tab for blocked domains that might be causing issues for you...


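A stricter form of the grep check suggested in the post above, as an added example that is not part of the original thread or of pfBlockerNG. Plain `grep "msftncsi.com"` treats the dot as a wildcard and also matches substrings, so this sketch reports only the exact domain or its subdomains, per feed file; the function names and the sample feed lines are constructed for illustration, and on the firewall the directory argument would be the /var/db/pfblockerng/dnsbl path from the post.

```shell
#!/bin/sh
# dnsbl_hits DIR DOMAIN...
# Prints "feed-file<TAB>matched-name" for every entry in DIR that is exactly
# DOMAIN or a subdomain of it. The dot is literal, and look-alike names such
# as "notmsftncsi.com" are not reported.
dnsbl_hits() {
    dir=$1; shift
    for domain in "$@"; do
        for f in "$dir"/*; do
            [ -f "$f" ] || continue
            # Split each line on anything that cannot appear in a hostname,
            # so hosts-style and quoted resolver-style lines both work.
            awk -v d="$domain" -v name="${f##*/}" '
                BEGIN { d = tolower(d); suffix = "." d }
                {
                    n = split(tolower($0), tok, /[^a-z0-9._-]+/)
                    for (i = 1; i <= n; i++) {
                        t = tok[i]
                        sub(/\.$/, "", t)   # drop a trailing root dot
                        if (t == d || (length(t) > length(suffix) &&
                            substr(t, length(t) - length(suffix) + 1) == suffix))
                            print name "\t" t
                    }
                }' "$f"
        done
    done | sort -u
}

# Constructed sample feeds (not real pfBlockerNG data) in a scratch directory.
make_sample_feeds() {
    d=$(mktemp -d)
    printf '%s\n' '0.0.0.0 www.msftncsi.com' '0.0.0.0 ads.example.net' > "$d/telemetry.txt"
    printf '%s\n' 'local-data: "notmsftncsi.com 60 IN A 10.10.10.1"' \
                  'local-data: "msftncsixcom.example 60 IN A 10.10.10.1"' > "$d/other.txt"
    echo "$d"
}

# Run with the argument "demo" to see the output on the constructed feeds.
if [ "${1:-}" = "demo" ]; then
    feeds=$(make_sample_feeds)
    dnsbl_hits "$feeds" msftncsi.com
    rm -rf "$feeds"
fi
```

The first column names the feed file that carries the entry, which identifies the feed to review or the domain to whitelist.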
              A Former User

              I know this thread is 3+ months old, but I stumbled upon it and think I know what the issue was. I had stumbled upon this Reddit thread and added the WindowsTelemetry hosts list. After I added it to a DNSBL feed and forced an update, DNS resolution slowed to a crawl. After removing it, forcing another update and then rebooting pfSense via CLI, everything was resolved.

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.