Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No DNS resolving , ping works with delay

    Scheduled Pinned Locked Moved 2.2 Snapshot Feedback and Problems - RETIRED
    21 Posts 4 Posters 5.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      salida
      last edited by

      @jimp:

      only if there are errors… It works fine for me on i386 and amd64 on the latest snapshot, it's not a general issue with the snapshots. There must be something about your configuration that's holding it back.

      Routing

      May 16 16:55:46 	radvd[25785]: sendmsg: Operation not permitted
May 16 16:55:52 	radvd[25785]: Exiting, sigterm or sigint received.
May 16 16:55:52 	radvd[25785]: sending stop adverts
May 16 16:55:52 	radvd[25785]: sendmsg: Operation not permitted
May 16 16:55:52 	radvd[25785]: removing /var/run/radvd.pid
May 16 16:58:35 	radvd[24442]: version 1.9.1 started
May 16 16:58:35 	radvd[24442]: no auto-selected prefix on interface ae0, disabling advertisements
May 16 17:04:34 	radvd[23475]: version 1.9.1 started
May 16 17:04:34 	radvd[23475]: no auto-selected prefix on interface ae0, disabling advertisements

      Resolver

      May 16 17:04:34 	dnsmasq[20827]: started, version 2.70 cachesize 10000
May 16 17:04:34 	dnsmasq[20827]: compile time options: IPv6 GNU-getopt no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack no-ipset auth DNSSEC
May 16 17:04:34 	dnsmasq[20827]: reading /etc/resolv.conf
May 16 17:04:34 	dnsmasq[20827]: ignoring nameserver 127.0.0.1 - local interface
May 16 17:04:34 	dnsmasq[20827]: using nameserver 8.8.8.8#53
May 16 17:04:34 	dnsmasq[20827]: using nameserver 8.8.4.4#53
May 16 17:04:34 	dnsmasq[20827]: read /etc/hosts - 2 addresses

      @mais_um
      so what is your suggestion ? i dont get it ..

      1 Reply Last reply Reply Quote 0
      • Raul RamosR
        Raul Ramos
        last edited by

        Hi salida

        it's not a suggestion. Make known behavior of DNS in my pfsense, maybe developer can spend more time in the subject.

        pfSense:
        ASRock -> Wolfdale1333-D667 (2GB TeamElite Ram)
        Marvell 88SA8040 Sata to CF(Sandisk 4GB) Controller
        NIC's: RTL8100E (Internal ) and Intel® PRO/1000 PT Dual (Intel 82571GB)

        1 Reply Last reply Reply Quote 0
        • S
          salida
          last edited by

          @jimp:

          You might try running a packet capture as the traffic attempts to leave WAN, see if the packets go out. If they do, it must be getting dropped upstream.

          If host direct to 8.8.8.8 doesn't work, then it isn't anything to do with the DNS forwarder/resolver. It's routing/firewall/NAT on the way out to the Internet, not likely on this device.

          I have made 2 packet captures (with wireshark):

          1. ping 8.8.8.8 (successful )
          2. traceroute www.google.com (failed)

          but i am afraid they have too much personal info (mac address, ip address & stuff)

          can you instruct me to find a possible error? or tell me which filter to use (in wireshark) to find (possible) errors
          Thank you in advance

          from windows client with gateway the pfsense box i get this error

          C:\WINDOWS\system32>nslookup 8.8.8.8
Server:  eee.localdomain
Address:  192.168.2.98

DNS request timed out.
    timeout was 2 seconds.
*** Request to eee.localdomain timed-out
          1 Reply Last reply Reply Quote 0
          • Raul RamosR
            Raul Ramos
            last edited by

            Use nslookup from pfsense. Menu Diagnostics -> DNS Lookup

            Have you more than one DHCP Server?virtual or real?.

            From you post:
            "the snapshot box "192.168.1.101      link#7 "
            the stable box "192.168.1.100      link#1 "

            C:\WINDOWS\system32>nslookup 8.8.8.8
            Server:  eee.localdomain
            Address:  192.168.2.98"

            are this another DNS Server?

            pfSense:
            ASRock -> Wolfdale1333-D667 (2GB TeamElite Ram)
            Marvell 88SA8040 Sata to CF(Sandisk 4GB) Controller
            NIC's: RTL8100E (Internal ) and Intel® PRO/1000 PT Dual (Intel 82571GB)

            1 Reply Last reply Reply Quote 0
            • C
              cmb
              last edited by

              You'll want a packet capture on WAN probably more so than on a machine inside your network. The host inside is likely sending the traffic unless you have something really broken inside your network. Check Diag>States on the firewall, if you see your system's traffic there, then packet capture on WAN.

              1 Reply Last reply Reply Quote 0
              • S
                salida
                last edited by

                Diagnostics: Show States

                192.168.1.101:34950 (192.168.2.25:9206) -> 128.31.0.34:9101 	SYN_SENT:CLOSED

                dns requests

                udp 	192.168.1.101:23985 -> 8.8.8.8:53 	SINGLE:NO_TRAFFIC 	
udp 	192.168.1.101:23985 -> 8.8.4.4:53 	SINGLE:NO_TRAFFIC
                1 Reply Last reply Reply Quote 0
                • C
                  cmb
                  last edited by

                  You're not NATing that traffic. Either you have manual outbound NAT misconfigured, or if on auto-outbound, you're missing the specification of a gateway under Interfaces>WAN.

                  1 Reply Last reply Reply Quote 0
                  • S
                    salida
                    last edited by

                    @cmb:

                    You're not NATing that traffic. Either you have manual outbound NAT misconfigured, or if on auto-outbound, you're missing the specification of a gateway under Interfaces>WAN.

                    i have posted my nestat -r to earlier to ensure that my settings are correct, therefore i also post screenshots of
                    default getaway and outbound rules automatic generated

                    Untitled2.png
                    Untitled2.png_thumb

                    1 Reply Last reply Reply Quote 0
                    • S
                      salida
                      last edited by

                      as previously said one interface is usb to ethernet ASIX

                      i saw in ifconfig i get wrong mac address from the usb interface 00:00:00:00:00:01
                      i have tried two different usb to ethernet modules asix chipset and both of them have same mac address

                      i even tried to spoof mac address…nothing happend

                      maybe we have a problem with the axe driver...

                      *** FIX (?!) ***
                      as i said i used mac address spoofing
                      also i enabled Disable hardware checksum offload

                      theese two settings in compination with a restart and i am having DNS resolving .

                      1 Reply Last reply Reply Quote 0
                      • Raul RamosR
                        Raul Ramos
                        last edited by

                        Speaking of Mac address, is normal my wan/pppoe have this mac in Status: Interfaces:M 00:00:00:00:00:00? spoof it but same. Ifconfig show em0 with the right mac.

                        @salida thanks for sharing that solution for your situation.

                        pfSense:
                        ASRock -> Wolfdale1333-D667 (2GB TeamElite Ram)
                        Marvell 88SA8040 Sata to CF(Sandisk 4GB) Controller
                        NIC's: RTL8100E (Internal ) and Intel® PRO/1000 PT Dual (Intel 82571GB)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.