No DNS resolving, ping works with delay
-
I have 2 pfSense boxes side by side. One is stable; the other has the latest snapshot of "pfSense-memstick-2.2-DEVELOPMENT-i386-20140513-0829.img".
Same configuration, but the machine with the beta snapshot cannot resolve hostnames.
It can ping successfully, but with delay.
netstat -r
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default 192.168.1.200 UGS ue0
localhost link#5 UH lo0
192.168.1.0 link#7 U ue0
192.168.1.101 link#7 UHS lo0
192.168.2.0 link#1 U ae0
eee link#1 UHS lo0

Internet6:
Destination Gateway Flags Netif Expire
::1 link#5 UH lo0
fe80:: link#1 U ae0
fe80::223:54ff:fe6 link#1 UHS lo0
fe80:: link#5 U lo0
fe80::1 link#5 UHS lo0
fe80:: link#7 U ue0
fe80::200:ff:fe00: link#7 UHS lo0
ff01:: fe80::223:54ff:fe6 U ae0
ff01:: ::1 U lo0
ff01:: fe80::200:ff:fe00: U ue0
ff02:: fe80::223:54ff:fe6 U ae0
ff02:: ::1 U lo0
ff02:: fe80::200:ff:fe00: U ue0
[2.2-ALPHA][root@eee.localdomain]/root(4): cat /etc/resolv.conf
domain localdomain
nameserver 127.0.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4
I also include the ping command because it has a delay to respond; while the other box pings really fast, this one is slow.
ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=54 time=51.603 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=54 time=52.126 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=54 time=52.625 ms
One interface is a USB-to-Ethernet ASIX adapter.
-
Things are running fine here on the latest snapshot. Are you sure its gateway (192.168.1.200) is correct and not blocking it from reaching DNS servers on tcp/udp port 53?
-
> Things are running fine here on the latest snapshot. Are you sure its gateway (192.168.1.200) is correct and not blocking it from reaching DNS servers on tcp/udp port 53?

Yes, my other pfSense box is running on the same gateway (192.168.1.200), which is the ISP router.
Can I ask something about netstat -r?
The snapshot box: "192.168.1.101 link#7"
The stable box: "192.168.1.100 link#1"
What's the difference between link 7 and link 1?
-
The ordering of the interfaces/networks as they're detected, I believe. Not a huge impact.
can you query any of the DNS servers directly? e.g. host www.google.com 8.8.8.8
-
> The ordering of the interfaces/networks as they're detected, I believe. Not a huge impact.
> can you query any of the DNS servers directly? e.g. host www.google.com 8.8.8.8

nslookup google.com 8.8.8.8
command not found :(
-
nslookup is obsolete. Use host as I stated, or perhaps drill (or dig, if it's there)
host www.google.com 8.8.8.8
-
> nslookup is obsolete. Use host as I stated, or perhaps drill (or dig, if it's there)
> host www.google.com 8.8.8.8

;;connection timed out, no host could be reached
-
You might try running a packet capture as the traffic attempts to leave WAN, see if the packets go out. If they do, it must be getting dropped upstream.
If host direct to 8.8.8.8 doesn't work, then it isn't anything to do with the DNS forwarder/resolver. It's routing/firewall/NAT on the way out to the Internet, not likely on this device.
-
> You might try running a packet capture as the traffic attempts to leave WAN, see if the packets go out. If they do, it must be getting dropped upstream.
> If host direct to 8.8.8.8 doesn't work, then it isn't anything to do with the DNS forwarder/resolver. It's routing/firewall/NAT on the way out to the Internet, not likely on this device.

Would it be of any help to attach the system, routing and resolver logs?
-
only if there are errors… It works fine for me on i386 and amd64 on the latest snapshot, it's not a general issue with the snapshots. There must be something about your configuration that's holding it back.
-
I have two Wans:
1 - pppoe (only name and pass is provided)
2 - ppp is a Huawei E392-u12 4G (only phone number is provided).
In the first days of 2.2 snaps I had to put a list of OpenDNS IPs and/or Google DNS in System -> General Setup -> DNS server (Allow DNS server list to be overridden by DHCP/PPP on WAN is checked) to resolve DNS. A couple of days ago I deleted every DNS in General and it works, but it doesn't appear in System information; only 127.0.0.1 appears.
Another thing: I have to put the pfSense hostname in the DNS resolver (Host Overrides) to call the firewall by its hostname.
-
> only if there are errors… It works fine for me on i386 and amd64 on the latest snapshot, it's not a general issue with the snapshots. There must be something about your configuration that's holding it back.

Routing
May 16 16:55:46 radvd[25785]: sendmsg: Operation not permitted
May 16 16:55:52 radvd[25785]: Exiting, sigterm or sigint received.
May 16 16:55:52 radvd[25785]: sending stop adverts
May 16 16:55:52 radvd[25785]: sendmsg: Operation not permitted
May 16 16:55:52 radvd[25785]: removing /var/run/radvd.pid
May 16 16:58:35 radvd[24442]: version 1.9.1 started
May 16 16:58:35 radvd[24442]: no auto-selected prefix on interface ae0, disabling advertisements
May 16 17:04:34 radvd[23475]: version 1.9.1 started
May 16 17:04:34 radvd[23475]: no auto-selected prefix on interface ae0, disabling advertisements
Resolver
May 16 17:04:34 dnsmasq[20827]: started, version 2.70 cachesize 10000
May 16 17:04:34 dnsmasq[20827]: compile time options: IPv6 GNU-getopt no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack no-ipset auth DNSSEC
May 16 17:04:34 dnsmasq[20827]: reading /etc/resolv.conf
May 16 17:04:34 dnsmasq[20827]: ignoring nameserver 127.0.0.1 - local interface
May 16 17:04:34 dnsmasq[20827]: using nameserver 8.8.8.8#53
May 16 17:04:34 dnsmasq[20827]: using nameserver 8.8.4.4#53
May 16 17:04:34 dnsmasq[20827]: read /etc/hosts - 2 addresses
@mais_um
So what is your suggestion? I don't get it..
-
Hi salida
It's not a suggestion. I am making known the behavior of DNS on my pfSense; maybe a developer can spend more time on the subject.
-
> You might try running a packet capture as the traffic attempts to leave WAN, see if the packets go out. If they do, it must be getting dropped upstream.
> If host direct to 8.8.8.8 doesn't work, then it isn't anything to do with the DNS forwarder/resolver. It's routing/firewall/NAT on the way out to the Internet, not likely on this device.

I have made 2 packet captures (with Wireshark):
- ping 8.8.8.8 (successful)
- traceroute www.google.com (failed)
but I am afraid they have too much personal info (MAC address, IP address & stuff).
Can you instruct me how to find a possible error, or tell me which filter to use (in Wireshark) to find (possible) errors?
Thank you in advance.
From a Windows client with the pfSense box as gateway I get this error:
C:\WINDOWS\system32>nslookup 8.8.8.8
Server: eee.localdomain
Address: 192.168.2.98
DNS request timed out.
timeout was 2 seconds.
*** Request to eee.localdomain timed-out
-
Use nslookup from pfsense. Menu Diagnostics -> DNS Lookup
Do you have more than one DHCP server, virtual or real?
From your post:
> the snapshot box "192.168.1.101 link#7 "
> the stable box "192.168.1.100 link#1 "

> C:\WINDOWS\system32>nslookup 8.8.8.8
> Server: eee.localdomain
> Address: 192.168.2.98

Is this another DNS server?
-
You'll want a packet capture on WAN probably more so than on a machine inside your network. The host inside is likely sending the traffic unless you have something really broken inside your network. Check Diag>States on the firewall, if you see your system's traffic there, then packet capture on WAN.
-
Diagnostics: Show States
192.168.1.101:34950 (192.168.2.25:9206) -> 128.31.0.34:9101 SYN_SENT:CLOSED
dns requests
udp 192.168.1.101:23985 -> 8.8.8.8:53 SINGLE:NO_TRAFFIC
udp 192.168.1.101:23985 -> 8.8.4.4:53 SINGLE:NO_TRAFFIC
-
You're not NATing that traffic. Either you have manual outbound NAT misconfigured, or if on auto-outbound, you're missing the specification of a gateway under Interfaces>WAN.
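
An added example, not part of the thread: a small shell filter for reading state lines in the layout posted above, listing every state whose far side never answered. The three unanswered lines are the states from the post; the last sample line and the function names are constructed for illustration, and only the IPv4 `addr:port` form is handled.

```shell
#!/bin/sh
# Added example, not from the thread. Reads firewall state lines shaped like
#   [proto] src:port [(nat:port)] -> dst:port SRCSTATE:DSTSTATE
# and reports the states where only the local side has sent anything.

# The three states posted above, plus one constructed "answered" state
# (192.0.2.53 is a documentation address) for contrast.
sample_states() {
cat <<'EOF'
192.168.1.101:34950 (192.168.2.25:9206) -> 128.31.0.34:9101 SYN_SENT:CLOSED
udp 192.168.1.101:23985 -> 8.8.8.8:53 SINGLE:NO_TRAFFIC
udp 192.168.1.101:23985 -> 8.8.4.4:53 SINGLE:NO_TRAFFIC
udp 192.168.1.101:40112 -> 192.0.2.53:53 MULTIPLE:MULTIPLE
EOF
}

# Print "destination state" for each state whose far side never answered.
unanswered_states() {
    awk '
    {
        dst = ""
        # The destination is the field right after the "->" token.
        for (i = 1; i < NF; i++) if ($i == "->") dst = $(i + 1)
        # The last field is the state pair "source side:destination side".
        if (dst == "" || split($NF, st, ":") != 2) next
        # UDP: destination side still NO_TRAFFIC.
        # TCP: our SYN was sent, destination side still CLOSED (no SYN-ACK).
        if (st[2] == "NO_TRAFFIC" || (st[1] == "SYN_SENT" && st[2] == "CLOSED"))
            print dst, $NF
    }'
}

# Count unanswered states aimed at port 53.
unanswered_dns_count() {
    unanswered_states | awk '$1 ~ /:53$/ { n++ } END { print n + 0 }'
}

sample_states | unanswered_states
echo "unanswered DNS states: $(sample_states | unanswered_dns_count)"
```

On the posted states this lists the TCP connection to port 9101 alongside both DNS queries, so the missing replies are not limited to port 53.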
-
@cmb:
> You're not NATing that traffic. Either you have manual outbound NAT misconfigured, or if on auto-outbound, you're missing the specification of a gateway under Interfaces>WAN.

I posted my netstat -r earlier to ensure that my settings are correct; therefore I am also posting screenshots of the
default gateway and the automatically generated outbound rules.
-
As previously said, one interface is a USB-to-Ethernet ASIX adapter.
I saw in ifconfig that I get a wrong MAC address from the USB interface: 00:00:00:00:00:01
I have tried two different USB-to-Ethernet modules with the ASIX chipset and both of them have the same MAC address.
I even tried to spoof the MAC address… nothing happened.
Maybe we have a problem with the axe driver...
*** FIX (?!) ***
As I said, I used MAC address spoofing.
I also enabled "Disable hardware checksum offload".
These two settings in combination with a restart, and I am having DNS resolving.