Random DNS Issues in VirtualBox (certain websites work perfect - others, nothin)
-
I'm trying to setup a VM to act as a web proxy on my local network. I have setup 2 bridged NICs in my virtual machine setup, and have 2 physical NICs in the host machine – each bridged NIC is mapped to a local NIC on the host machine. I have the WAN interface getting an IP address successfully via DHCP on the 1st NIC (1st bridged NIC). Then, the 2nd NIC has its network setup on it and functioning properly (ie, handing out IP addresses, pinging successfully, etc...).
This is my question -- for certain websites, I can access them without issues (google.com, drudgereport.com, amazon.com). But then, for other websites, my web browser times out (foxnews.com, tivo.com, ebay.com). I can figure out no rhyme or reason for this whatsoever. I'm network savvy and linux savvy, and have checked everything that I can think of within pfSense. I am using openDNS for my DNS servers in pfSense.
Is there something that I'm missing within pfSense itself or in the VirtualBox settings of my VM? Thank you for any help you can provide! I can also provide more details as requested...
-
"I am using openDNS for my DNS servers in pfSense."
So you disabled the resolver and are using the forwarder or using forwarder mode in the resolver?
Do these sites your trying to access resolve?
Your question should be in the proxy section.. When you don't use proxy and just let pfsense nat/route/firewall do your sites work.
-
Hi, and thanks for the reply. I should have been more clear in that I don't currently have a proxy running on the pfsense box itself –Just a vanilla install of pfsense.
I've disabled DNS Resolver and am using DNS Forwarder.
However, I've tried it the other way around (disabling DNS Forwarder and using DNS Resolver), and I get the same thing. I can ping sites from the pfsense host, albeit some of them resolve to an alias (which I think is what is causing my issues). See below:
When I ping google.com from pfsense, I received the expected responses, such as below:
PING google.com (64.233.177.102): 56 data bytes 64 bytes from 64.233.177.102: icmp_seq=0 ttl=40 time=18.152 ms 64 bytes from 64.233.177.102: icmp_seq=1 ttl=40 time=18.888 ms 64 bytes from 64.233.177.102: icmp_seq=2 ttl=40 time=21.675 ms 64 bytes from 64.233.177.102: icmp_seq=3 ttl=40 time=20.830 ms ^C --- google.com ping statistics --- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 18.152/19.886/21.675/1.423 ms [2.2.6-RELEASE][admin@pfSense.localdomain]/root:
However, when i ping ebay.com, I receive a timeout:
[2.2.6-RELEASE][admin@pfSense.localdomain]/root: ping ebay.com PING ebay.com (66.211.160.86): 56 data bytes ^C --- ebay.com ping statistics --- 9 packets transmitted, 0 packets received, 100.0% packet loss [2.2.6-RELEASE][admin@pfSense.localdomain]/root:
But then, if I ping **www.**ebay.com, then I ping the ebay.com alias:
[2.2.6-RELEASE][admin@pfSense.localdomain]/root: ping www.ebay.com PING e9428.b.akamaiedge.net (104.64.62.8): 56 data bytes 64 bytes from 104.64.62.8: icmp_seq=0 ttl=53 time=37.864 ms 64 bytes from 104.64.62.8: icmp_seq=1 ttl=53 time=36.283 ms 64 bytes from 104.64.62.8: icmp_seq=2 ttl=53 time=36.143 ms 64 bytes from 104.64.62.8: icmp_seq=3 ttl=53 time=27.823 ms ^C --- e9428.b.akamaiedge.net ping statistics --- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 27.823/34.528/37.864/3.930 ms [2.2.6-RELEASE][admin@pfSense.localdomain]/root:
Notice how the ping to www.ebay.com resolved to e9428.b.akamaiedge.net? I think that type of aliasing is what is causing me grief. Same type of deal for pinging www.foxnews.com:
[2.2.6-RELEASE][admin@pfSense.localdomain]/root: ping www.foxnews.com PING a20.g.akamai.net (23.220.148.34): 56 data bytes 64 bytes from 23.220.148.34: icmp_seq=0 ttl=53 time=33.512 ms 64 bytes from 23.220.148.34: icmp_seq=1 ttl=53 time=30.493 ms 64 bytes from 23.220.148.34: icmp_seq=2 ttl=53 time=33.074 ms 64 bytes from 23.220.148.34: icmp_seq=3 ttl=53 time=29.829 ms ^C --- a20.g.akamai.net ping statistics --- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 29.829/31.727/33.512/1.591 ms [2.2.6-RELEASE][admin@pfSense.localdomain]/root:
-
Major websites commonly use CDNs such as Akamai for handling their traffic. The fact that you can't ping some of the base domains may simply mean they don't reflect ICMP packets. The sites you're having trouble with work fine for me here with pfSense 2.2.6. Have you tried with a different browser?
-
Are you the OP?? Who are you thanking??