OPT DNS !!!

martinc_77

Hi friend, i connect my isp on OPT interfase. all run ok, but not have dns in my LAN.
General setups -> dns server of the pfsense is ok. I have static ip.
If configure DNS in the host i have internet or if write ip direccion xxx.xxx.xxx.xxx but not have inet if use
pfsense as DNS server.

the same in the wan interface run ok, but not in OPT!

Whats happend???

Help me please

hoba

You have to add static routes for your DNS Servers that point towards the gateway at your OPT-WAN like:

Interface: OPT-WAN
subnet <dns-server1-ip>/32
gateway <opt-wan gateway="">Interface: OPT-WAN
subnet <dns-server2-ip>/32
gateway <opt-wan gateway="">Without this pfSense tries the nslookup at WAN but your dns-servers are at OPT-WAN. This also applies for dualwan setups btw and has been discussed at the forum already.</opt-wan></dns-server2-ip></opt-wan></dns-server1-ip>

martinc_77

dear hoba, i add static route in opt-wan interfase, and now resolve DNS but don't ping from pfsense to inet.
I enter in ssh session and write this:

PING terra.com.ar (66.231.227.173): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host

help me please.

mi LAN RULE lanSubnet/goto BALANCER
mi WAN RULE * * * * (no connected)
mi OPT  RULE * * * *

hoba

The default route for the pfSense ALWAYS is at WAN. Policybased routing/loadbalancing only works for connections running THROUGH the pfSense. You really should get your WAN up, though it now should work for clients behind your pfSense.

martinc_77

OK hoba. Very tks for all.
You are a network master

martinc_77

Hoba, i not up WAN interfase because i simulate WAN ISP is down.

My scheme is

WAN  (disconnected to simule isp down)                    host1 (192.168.0.x)
        –------------------------PFSENSE ---------------- LAN
OPT

LAN RULES GO TO BALANCER
WAN RULES * * * * *
OPT RULES * * * * *

I add static route in OPT interfase for my DNS and this now resolve direction but only my pfsense diagnostinc->ping ->OPT
but don't ping either.

capture screen:

Ping output:

PING google.com.ar (216.239.39.99) from 200.69.230.165: 56 data bytes

--- google.com.ar ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss

I can ping from my host to 216.239.39.99 (google) but can't ping from my host to google.com.ar.

The idea is if WAN ISP is down my host does not know it

because it does not walk?

martinc_77

I FIND A LINK.
MY PROBLES IS THE VERSION OF PFSENSE DON'T HAVE "USE INTERFASE AS GATEWAY" IN STATIC ->ROUTE

BUT I RUN PFSENSE FROM LIVE-CD –- 1.0-RC1

BAD LOOK FOR ME

ANY IDEA?

martinc_77

YEAAAAAAAAAAAAAAAAAAAAA!!!!!!!!!!!!!!!!!!!!!!

thanks to all, specially to hoba.
I solve my DNS PROBLEM, I don't set option Services-> DNS Forwarder -> Enable DNS forwarder

all run ok now

:)