ACB host (acb.netgate.com) not reachable from pfSense

RyanM

I am having issues w/ Auto-Config Backup (ACB) not backing up. It seems the host acb.netgate.com is not reachable from my router, but is from hosts on my network.

From my windows machine:

C:\Users\me>ping acb.netgate.com

Pinging acb.netgate.com [208.123.73.69] with 32 bytes of data:
Reply from 208.123.73.69: bytes=32 time=65ms TTL=51
Reply from 208.123.73.69: bytes=32 time=65ms TTL=51

Ping statistics for 208.123.73.69:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 65ms, Maximum = 65ms, Average = 65ms
Control-C

But when I try to use the DNS Lookup or Ping diagnostic tools in the pfSense UI it returns a 503 bad gateway. And if I do it from shell on the machine, both ping and nslookup do not return:

[2.8.1-RELEASE][admin@router.hidden.com]/cf/conf/backup: ping acb.netgate.com
^C
[2.8.1-RELEASE][admin@router.hidden.com]/cf/conf/backup: nslookup acb.netgate.com
;; communications error to 100.100.100.100#53: timed out
;; communications error to 100.100.100.100#53: timed out
;; communications error to 100.100.100.100#53: timed out
;; no servers could be reached

I wonder if this is something going on w/ Tailscale? My Tailscale network seems to be on a '100' IP network.

Or I setup HAProxy about a month or 2 ago, but I thought ACB had been working. I may try turning it off to see what happens.

The '100' in the nslookup leads me to believe this is something w/ Tailscale. Will disable that and see if it fixes this.

RyanM

Ok, so turning off Tailscale seems to have fixed it. Any ideas in my config what I need to change so I can have this enabled but not break ACB?

RyanM

For anyone finding this later, it was the Accept DNS option in the Tailscale settings. After turning this off, ACB is working again.

stephenw10

Interesting. The passed servers could not resolve acb is concerning.