Unable to update repository pfSense
-
Sry to resurrect a zombie thread, but can't retrieve packages.
GUI just pinwheels, so I ran the suggested command below.
[2.7.2-RELEASE][root@pfSense.[redacted].com]/root: pkg update Updating pfSense-core repository catalogue... pkg: No SRV record found for the repo 'pfSense-core'[2.7.2-RELEASE][root@pfSense.[redacted].com]/root: pkg-static -d update DBG(1)[29255]> pkg initialized Updating pfSense-core repository catalogue... DBG(1)[29255]> PkgRepo: verifying update for pfSense-core DBG(1)[29255]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense-core.sqlite' DBG(1)[29255]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf DBG(1)[29255]> curl_open pkg-static: No SRV record found for the repo 'pfSense-core' DBG(1)[29255]> Fetch: fetcher used: pkg+https DBG(1)[29255]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf DBG(1)[29255]> CURL> No mirror set url to https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf DBG(1)[29255]> CURL> attempting to fetch from https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf, left retry 3 * Couldn't find host pkg.pfsense.org in the .netrc file; using defaults * Resolving timed out after 30005 milliseconds -
@elvisimprsntr can you resolve other domain names?
-
-
@elvisimprsntr said in Unable to update repository pfSense:
From pfSense GUI or CLI, no.
Using Q9 for upstream DNSHow have you configured DNS, resolver or forward? And your clients use pfSense for DNS lookup?
-
@elvisimprsntr If forwarding, ensure DNSSEC is disabled.
Any restrictions on unbound or is it set to listen on All interfaces?
I would next restart DNS Resolver/unbound, or maybe pfSense.
-
- DNS Resolver
- Yes Clients use pfSense
I tried starting unbound. same issue.
I remotely rebooted my fiber modem (NVG599), and released and renewed WAN interface.Seems to be working again.
Running 2.7.2 with all the latest patches.
This just started happening since I applied the latest swath of patches.
It is behaving like something on pfSense crashed or stops working.
When I disable DNSSEC can't resolve static mappings.
https://forum.netgate.com/topic/196269/att-fiber-dns-issue/13
-
@elvisimprsntr said in Unable to update repository pfSense:
This just started happening since I applied the latest swath of patches.
I know it is obvious but I'd revert patches regarding unbound and see what happens.
-
Are clients, which can resolve, using pfSense for DNS or being passed quad9 to use directly?
What is the DNS behaviour setting in General Setup?
-
@stephenw10 said in Unable to update repository pfSense:
Are clients, which can resolve, using pfSense for DNS or being passed quad9 to use directly?
Client are served pfSense LAN IP address
What is the DNS behaviour setting in General Setup?
-
Hmm, and Diag > DNS Lookup just fails for all configured severs? For any fqdn?
-
Correct.
After rebooting my fiber modem, and releasing and renewing the WAN interface it is working again.
To see if it has any affect, I also deleted the IPv6 Q9 DNS servers.
-
Hmm, weird. Hard to imagine what could have caused that for pfSense but not clients behind it.
-
When I restart both kea-dhcp and unbound the problem persists.
When I head to Status -> Interfaces -> Click on WAN Release then Renew, everything starts working again.
Not sure of this error is related
Feb 9 13:45:55 pfSense dhclient[9122]: unknown dhcp option value 0x7dFeb 9 13:45:55 pfSense dhclient[9122]: DHCPREQUEST on igc0 to 192.168.1.254 port 67 Feb 9 13:45:55 pfSense dhclient[9122]: DHCPACK from 192.168.1.254 Feb 9 13:45:55 pfSense dhclient[9122]: unknown dhcp option value 0x7d Feb 9 13:45:55 pfSense dhclient[11337]: RENEW Feb 9 13:45:55 pfSense dhclient[12245]: Creating resolv.conf Feb 9 13:45:55 pfSense dhclient[9122]: bound to [redacted] -- renewal in 300 seconds.
