Netgate Discussion Forum

    (SOLVED) DNS not working with FailOver

    • SipriusPT

      Hello guys,

      I am trying to set up failover (http://prntscr.com/ejr9a4) over two WAN connections, but I am having a problem with DNS: it seems that when it goes to the backup WAN connection, DNS stops working. I am able to ping external IPs over this backup WAN from my local network. Both WAN connections were tested before this test. I have set a different DNS for each connection (http://prntscr.com/ejra8v).

      When both are connected:

      http://prntscr.com/ejr908
      http://prntscr.com/ejr936

      Note: DNS server 10.0.0.2 was automatically set by DHCP on the backup WAN.

      When primary WAN is disconnected:

      http://prntscr.com/ejrdut
      http://prntscr.com/ejrdxq

      In my firewall I have for this internal network:

      http://prntscr.com/ejrf6w

      P.S. I had this working yesterday, and after I shut down my system and started it again, it stopped working, so I can only imagine that something was in cache.

      1xSG-4860-1U
      1xSG-3100
      2xpfSense Virtual Machines

      • doktornotor Banned

        Not working from where? Those settings are primarily for the firewall itself (plus you don't need to have anything set there if you just let the resolver do its job.). You don't diagnose DNS by staring at gateways screenshots. Use tools designed for that (drill, dig, nslookup…)

        • SipriusPT

          @doktornotor:

          Not working from where? Those settings are primarily for the firewall itself (plus you don't need to have anything set there if you just let the resolver do its job.). You don't diagnose DNS by staring at gateways screenshots. Use tools designed for that (drill, dig, nslookup…)

          First of all thanks for the response doktornotor.

          DNS is not working from the LAN port when the primary WAN is disconnected, but I am still able to ping remote IPs from the backup WAN. I know it's optional and the DNS resolver can handle it; it was just for test purposes.

          Drill when primary WAN is disconnected:

          http://prntscr.com/ejrxrx

          and when primary WAN is disconnected:

          http://prntscr.com/ejrxmm

          • doktornotor Banned

            That shows perfectly working DNS. No idea what's not working. (Why on earth are you posting screenshots of console output, instead of posting the output as text.)

            • SipriusPT

              @doktornotor:

              That shows perfectly working DNS. No idea what's not working. (Why on earth are you posting screenshots of console output, instead of posting the output as text.)

              Don't know the implications of changing the weight of each gateway, but there I have a weight of 1 for each one.

              lol chill bro, I was going at full speed in "printscreening"

              • doktornotor Banned

                Let me rephrase it. You have yet failed to show any DNS breakage anywhere. The DNS is working. What's the business with gateways here, I totally fail to see. You already have another thread for that.

                • SipriusPT

                  @doktornotor:

                  Let me rephrase it. You have yet failed to show any DNS breakage anywhere. The DNS is working. What's the business with gateways here, I totally fail to see. You already have another thread for that.

                  I am able to ping from backup WAN with FQDN, but somehow from other local interfaces I cannot.

                  What thread?!

                  • doktornotor Banned

                    This thread: https://forum.pfsense.org/index.php?topic=127129.0

                    And you do NOT test DNS with ping.

                    • SipriusPT

                      @doktornotor:

                      This thread: https://forum.pfsense.org/index.php?topic=127129.0

                      And you do NOT test DNS with ping.

                      I finally managed to solve this: I had to enable DNS Query Forwarding at Services/DNS Resolver/General Settings, and leave Google's DNS servers for each WAN port.

                      Thanks itppa at #pfsense and doktornotor for the help.

                      • Ronski

                        I was having a similar problem: I'm running two WAN connections load balanced, but if I disabled my original WAN connection, DNS stopped working.

                        I found that you have to have a DNS server set for each gateway under System / General Setup / DNS Server Settings.

                        Thought I'd just add this here in case someone else finds it useful.
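
The thread's diagnostic advice (test DNS with drill or dig rather than ping, and have a DNS server that answers on each WAN) can be checked per resolver. The script below is an added example, not code from any poster or from pfSense; `classify_reply`, `check_resolvers` and `DNS_TOOL` are hypothetical names, and the sample reply is constructed with documentation addresses.

```sh
#!/bin/sh
# Added example, not from the thread: check DNS per resolver instead of with ping.

# Read drill or dig output on stdin and print one verdict:
# OK, EMPTY (NOERROR but no answer records), the failing rcode, or NOREPLY.
classify_reply() {
    awk '
        /(rcode|status): / {        # drill prints "rcode:", dig prints "status:"
            rc = $0
            sub(/.*(rcode|status): /, "", rc)
            sub(/,.*/, "", rc)
        }
        /^;; ANSWER SECTION/ { in_ans = 1; next }
        /^$/ || /^;; (AUTHORITY|ADDITIONAL)/ { in_ans = 0 }
        in_ans && !/^;/ { answers++ }
        END {
            if (rc == "")             print "NOREPLY"
            else if (rc != "NOERROR") print rc
            else if (answers > 0)     print "OK"
            else                      print "EMPTY"
        }'
}

# Query NAME at every resolver listed and print "server verdict" per line.
# DNS_TOOL is an assumption of this example: any command that accepts
# "name @server" (drill and dig both do). It defaults to drill.
check_resolvers() {
    name=$1
    shift
    for srv in "$@"; do
        verdict=$(${DNS_TOOL:-drill} "$name" "@$srv" 2>/dev/null | classify_reply)
        printf '%s %s\n' "$srv" "$verdict"
    done
}

# Constructed sample of a healthy drill reply (documentation addresses).
SAMPLE_OK=';; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 4242
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; example.com. IN A

;; ANSWER SECTION:
example.com. 300 IN A 192.0.2.10

;; Query time: 12 msec
;; SERVER: 192.0.2.53'

printf '%s\n' "$SAMPLE_OK" | classify_reply
```

Running `check_resolvers` once with both WANs up and once with the primary WAN disconnected, passing the DNS server configured for each gateway, shows which resolver stops answering; a NOREPLY verdict points at reachability of that server rather than at the name being looked up.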
