DNS problems

Aric

I am having problems in a new install (VMware). I am upgrading from my firebox to a new virtual machine pfsense. I am using the 2.1 RC1.

My problem is I cannot use OPENDNS for any DNS lookups. If I don't click the allow DNS server to be overridden by DHCP I cannot do any lookups.

I have the correct opendns servers in the list. I cannot ping them from pfsense or my windows machines either.

I am sure it is something simple.

Any Ideas?

Aric

I can ping google dns servers. But as soon as I add them to my DNS list they become unreachable. When I change them back to allow DHCP to override. They are still unreachable in ping

wallabybob

Please post the output of the ping command. The ping response is nearly always significantly more informative than the executive summary "cannot ping".

Please post the output of the pfSense shell command:```
traceroute 208.67.220.220

Aric

This is from windows.

Pinging 8.8.8.8 with 32 bytes of data:
Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.

Ping statistics for 8.8.8.8:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

This is from shell of pfsense

[2.1-RC1][root@pfsense.home]/root(1): traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 40 byte packets
1  * *traceroute: sendto: Host is down
traceroute: wrote 8.8.8.8 40 chars, ret=-1
*
traceroute: sendto: Host is down
2 traceroute: wrote 8.8.8.8 40 chars, ret=-1
*traceroute: sendto: Host is down
traceroute: wrote 8.8.8.8 40 chars, ret=-1
*traceroute: sendto: Host is down
traceroute: wrote 8.8.8.8 40 chars, ret=-1
^C
[2.1-RC1][root@pfsense.home]/root(2):

Trying OPENDNS

[2.1-RC1][root@pfsense.home]/root(29): traceroute 208.67.220.220
traceroute to 208.67.220.220 (208.67.220.220), 64 hops max, 40 byte packets
1  * * *
2  * *traceroute: sendto: Host is down
traceroute: wrote 208.67.220.220 40 chars, ret=-1
*
traceroute: sendto: Host is down
3 traceroute: wrote 208.67.220.220 40 chars, ret=-1
^C
[2.1-RC1][root@pfsense.home]/root(30):

Trying google

[2.1-RC1][root@pfsense.home]/root(30): traceroute google.com
traceroute: Warning: google.com has multiple addresses; using 74.125.225.224
traceroute to google.com (74.125.225.224), 64 hops max, 40 byte packets
1  XXXXXXXX (XXXXXXXXXXX)  6.759 ms  6.186 ms  7.308 ms
2  XXXXXXXXXX-link.sta.suddenlink.net (XXXXXXXXXXX)  7.181 ms  10.925 ms  8.038 ms
3  XXXXXXXXXX-link.sta.suddenlink.net (XXXXXXXXXXX)  37.937 ms  38.698 ms  36.757 ms
4  173-219-243-24-link.sta.suddenlink.net (173.219.243.24)  38.454 ms  37.381 ms  37.895 ms
5  72.14.223.10 (72.14.223.10)  47.774 ms  67.867 ms  47.355 ms
6  * * *
7  209.85.240.77 (209.85.240.77)  36.039 ms  37.560 ms  36.105 ms
8  dfw06s26-in-f0.1e100.net (74.125.225.224)  37.024 ms  35.643 ms  36.019 ms
[2.1-RC1][root@pfsense.home]/root(31):

Hope this helps

Aric

This is the ping

[2.1-RC1][root@pfsense.home]/root(31): ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
ping: sendto: Host is down
ping: sendto: Host is down
ping: sendto: Host is down
ping: sendto: Host is down
ping: sendto: Host is down
^C
–- 8.8.8.8 ping statistics ---
5 packets transmitted, 0 packets received, 100.0% packet loss

doktornotor

Are you finding yourself in China? Is your ISP Chinese? Or, is your ISP just a bunch of morons? Googling for "suddenlink DNS problems" is rather revealing…  ::)

Aric

I know suddenlink DNS sucks.. Thats why I want to us OpenDns or google dns. I have used Opendns for years and my firebox died so I made a new box and it wont work and anytime I put in a DNS server it winds up going down, ait dosent matter that I can ping it before I add it to my DNS list. As soon as I add it, its gone even if I remove it from my list.

kejianshi

SuddenSink

doktornotor

@Aric:

I know suddenlink DNS sucks.. Thats why I want to us OpenDns or google dns. I have used Opendns for years and my firebox died so I made a new box and it wont work and anytime I put in a DNS server it winds up going down, ait dosent matter that I can ping it before I add it to my DNS list. As soon as I add it, its gone even if I remove it from my list.

What I'm suggesting is that they maybe extended their DNS hijacking "business" to blackhole third-party DNS altogether. Sorry, I cannot see how's this pfS issue. Get in touch with the sucky ISP.

You can try with these public DNS servers:
217.31.204.130 / 2001:1488:800:400::130
193.29.206.206 / 2001:678:1::206

kejianshi

I've been pretty happy with OpenNIC so far.  No DNS modification/redirection.  Seems to work well.
And bonus, they don't think their business should include logging my every site for all of posterity.

Aric

Well its not sucky suddenlink. It has to be pfsense. I did a total restore of Version 2.1. It worked, as soon as I change the DNS from google to opendns it started again. I installed 2.03 like I used to use and it works great. Might be a bug might not be… Could be a setting that I did. Not sure either way 2.03 works great.