No DNS resolving , ping works with delay

jimp

The ordering of the interfaces/networks as they're detected, I believe. Not a huge impact.

can you query any of the DNS servers directly? e.g. host www.google.com 8.8.8.8

salida

@jimp:

The ordering of the interfaces/networks as they're detected, I believe. Not a huge impact.

can you query any of the DNS servers directly? e.g. host www.google.com 8.8.8.8

nslookup google.com 8.8.8.8

command not found :(

jimp

nslookup is obsolete. Use host as I stated, or perhaps drill (or dig, if it's there)

host www.google.com 8.8.8.8

salida

@jimp:

nslookup is obsolete. Use host as I stated, or perhaps drill (or dig, if it's there)

host www.google.com 8.8.8.8

;;connection timed out, no host could be reached

jimp

You might try running a packet capture as the traffic attempts to leave WAN, see if the packets go out. If they do, it must be getting dropped upstream.

If host direct to 8.8.8.8 doesn't work, then it isn't anything to do with the DNS forwarder/resolver. It's routing/firewall/NAT on the way out to the Internet, not likely on this device.

salida

@jimp:

You might try running a packet capture as the traffic attempts to leave WAN, see if the packets go out. If they do, it must be getting dropped upstream.

If host direct to 8.8.8.8 doesn't work, then it isn't anything to do with the DNS forwarder/resolver. It's routing/firewall/NAT on the way out to the Internet, not likely on this device.

would it be of any help attaching system, routing, resolving log ??

jimp

only if there are errors… It works fine for me on i386 and amd64 on the latest snapshot, it's not a general issue with the snapshots. There must be something about your configuration that's holding it back.

Raul Ramos

I have two Wans:
1 - pppoe (only name and pass is provided)
2 - ppp is a huawei E392-u12 4G (only phone number is provided).

First days of 2.2 snaps i have to put a list of openDNS IPs and/or google DNS on  System -> General Setup -> Dns server ( Allow DNS server list to be overridden by DHCP/PPP on WAN is checked) to resolve DNS. A  Couple  days ago i delete every DNS in General and it works but does't appear on System information only 127.0.0.1 appears.

Another think, i have to put pfsense hostname on the DNS resolver (Host Overrides) to call the firewall by there hostname.

salida

@jimp:

only if there are errors… It works fine for me on i386 and amd64 on the latest snapshot, it's not a general issue with the snapshots. There must be something about your configuration that's holding it back.

Routing

May 16 16:55:46 	radvd[25785]: sendmsg: Operation not permitted
May 16 16:55:52 	radvd[25785]: Exiting, sigterm or sigint received.
May 16 16:55:52 	radvd[25785]: sending stop adverts
May 16 16:55:52 	radvd[25785]: sendmsg: Operation not permitted
May 16 16:55:52 	radvd[25785]: removing /var/run/radvd.pid
May 16 16:58:35 	radvd[24442]: version 1.9.1 started
May 16 16:58:35 	radvd[24442]: no auto-selected prefix on interface ae0, disabling advertisements
May 16 17:04:34 	radvd[23475]: version 1.9.1 started
May 16 17:04:34 	radvd[23475]: no auto-selected prefix on interface ae0, disabling advertisements

Resolver

May 16 17:04:34 	dnsmasq[20827]: started, version 2.70 cachesize 10000
May 16 17:04:34 	dnsmasq[20827]: compile time options: IPv6 GNU-getopt no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack no-ipset auth DNSSEC
May 16 17:04:34 	dnsmasq[20827]: reading /etc/resolv.conf
May 16 17:04:34 	dnsmasq[20827]: ignoring nameserver 127.0.0.1 - local interface
May 16 17:04:34 	dnsmasq[20827]: using nameserver 8.8.8.8#53
May 16 17:04:34 	dnsmasq[20827]: using nameserver 8.8.4.4#53
May 16 17:04:34 	dnsmasq[20827]: read /etc/hosts - 2 addresses

@mais_um
so what is your suggestion ? i dont get it ..

Raul Ramos

Hi salida

it's not a suggestion. Make known behavior of DNS in my pfsense, maybe developer can spend more time in the subject.

salida

@jimp:

You might try running a packet capture as the traffic attempts to leave WAN, see if the packets go out. If they do, it must be getting dropped upstream.

If host direct to 8.8.8.8 doesn't work, then it isn't anything to do with the DNS forwarder/resolver. It's routing/firewall/NAT on the way out to the Internet, not likely on this device.

I have made 2 packet captures (with wireshark):

1. ping 8.8.8.8 (successful )
2. traceroute www.google.com (failed)

but i am afraid they have too much personal info (mac address, ip address & stuff)

can you instruct me to find a possible error? or tell me which filter to use (in wireshark) to find (possible) errors
Thank you in advance

from windows client with gateway the pfsense box i get this error

C:\WINDOWS\system32>nslookup 8.8.8.8
Server:  eee.localdomain
Address:  192.168.2.98

DNS request timed out.
    timeout was 2 seconds.
*** Request to eee.localdomain timed-out

Raul Ramos

Use nslookup from pfsense. Menu Diagnostics -> DNS Lookup

Have you more than one DHCP Server?virtual or real?.

From you post:
"the snapshot box "192.168.1.101      link#7 "
the stable box "192.168.1.100      link#1 "

C:\WINDOWS\system32>nslookup 8.8.8.8
Server:  eee.localdomain
Address:  192.168.2.98"

are this another DNS Server?

cmb

You'll want a packet capture on WAN probably more so than on a machine inside your network. The host inside is likely sending the traffic unless you have something really broken inside your network. Check Diag>States on the firewall, if you see your system's traffic there, then packet capture on WAN.

salida

Diagnostics: Show States

192.168.1.101:34950 (192.168.2.25:9206) -> 128.31.0.34:9101 	SYN_SENT:CLOSED

dns requests

udp 	192.168.1.101:23985 -> 8.8.8.8:53 	SINGLE:NO_TRAFFIC 	
udp 	192.168.1.101:23985 -> 8.8.4.4:53 	SINGLE:NO_TRAFFIC

cmb

You're not NATing that traffic. Either you have manual outbound NAT misconfigured, or if on auto-outbound, you're missing the specification of a gateway under Interfaces>WAN.

salida

@cmb:

You're not NATing that traffic. Either you have manual outbound NAT misconfigured, or if on auto-outbound, you're missing the specification of a gateway under Interfaces>WAN.

i have posted my nestat -r to earlier to ensure that my settings are correct, therefore i also post screenshots of
default getaway and outbound rules automatic generated

salida

as previously said one interface is usb to ethernet ASIX

i saw in ifconfig i get wrong mac address from the usb interface 00:00:00:00:00:01
i have tried two different usb to ethernet modules asix chipset and both of them have same mac address

i even tried to spoof mac address…nothing happend

maybe we have a problem with the axe driver...

*** FIX (?!) ***
as i said i used mac address spoofing
also i enabled Disable hardware checksum offload

theese two settings in compination with a restart and i am having DNS resolving .

Raul Ramos

Speaking of Mac address, is normal my wan/pppoe have this mac in Status: Interfaces:M 00:00:00:00:00:00? spoof it but same. Ifconfig show em0 with the right mac.

@salida thanks for sharing that solution for your situation.