*SOLVED*BIND-PFsense package not accepting Fixed Virtual IP Alias on PPoE as Interface but accepts ISP DHCP PPPoE as InterfaceIP

svanderlaars

Hmm, that's odd, you would assume that Bind would not make any difference if the virtual IP is connected to PPPoE or Ethernet, which would mean that it would be usable with all cable, fiber and other connections but not with xDSL connections :(

Is there a way to create some sort of virtual interface that i'm overlooking, or is this a little bug in the way Bind / PFsense sees the PPPoE interface... i'll tinker some more this weekend, if i found a way i'll post back, ofcourse anybody with ideas are welcome.

kiokoman

sorry errata corrige copied the wrong log

Sep 27 13:52:58	named	5710	listening on IPv4 interface pppoe0, 217.***.***.***#53
Sep 27 13:52:58	named	5710	using default UDP/IPv4 port range: [49152, 65535]

ergo you can have it on a pppoe wan interface, there must be something wrong on your side :)

svanderlaars

@kiokoman

Thanks for the reply, i'm baffled, do you have any ideas where i can look any further?
Do you have a Fixed PPPoE connection or DHCP granted PPPoE connection?

kiokoman

uhm i don't understand what you mean, i have a pppoe connection with 1 static ip from my isp .
the modem from my isp is in bridge mode and pfsense do the pppoe connection

make a screenshot of your bind configuration and interface configuration maybe we can find a clue from them

svanderlaars

I've got my WAN1 interface configured in PPPoE, bound on ethernet port igb3 with VLAN 6 as required by the ISP. It connects to a Draytek 2860 DSL modem that is in Full bridge mode

PFsense initiates the PPPoE Connection through the Draytak and receives a DHCP address from my ISP.

I have a total of 6 fixed IP addresses within a routed subnet from my ISP., of which 3 are currently in use. the WWW and MX are redirected toward virtual servers inside the network and work just fine.

The Bind configuration is listening on the 3rd IP alias, at least thats what i want it to do.

I've copied the PPP log from the last time i've rebooted the PFsense box.

Sep 27 17:49:42	ppp		[wan] 84.53.91.128 -> 90.145.146.131
Sep 27 17:49:42	ppp		[wan] IPCP: LayerUp
Sep 27 17:49:42	ppp		[wan] IPCP: state change Ack-Sent --> Opened
Sep 27 17:49:42	ppp		[wan] IPADDR 84.53.91.128
Sep 27 17:49:42	ppp		[wan] IPCP: rec'd Configure Ack #3 (Ack-Sent)
Sep 27 17:49:42	ppp		[wan] IFACE: Rename interface ng0 to pppoe0
Sep 27 17:49:42	ppp		[wan] IFACE: Up event
Sep 27 17:49:42	ppp		[wan] 0000:0000:0000:0001 -> be16:65ff:fe7e:0400
Sep 27 17:49:42	ppp		[wan] IPV6CP: LayerUp
Sep 27 17:49:42	ppp		[wan] IPV6CP: state change Ack-Sent --> Opened
Sep 27 17:49:42	ppp		[wan] IPV6CP: rec'd Configure Ack #2 (Ack-Sent)
Sep 27 17:49:42	ppp		[wan] IPADDR 84.53.91.128
Sep 27 17:49:42	ppp		[wan] IPCP: SendConfigReq #3
Sep 27 17:49:42	ppp		[wan] 84.53.91.128 is OK
Sep 27 17:49:42	ppp		[wan] IPADDR 84.53.91.128
Sep 27 17:49:42	ppp		[wan] IPCP: rec'd Configure Nak #2 (Ack-Sent)
Sep 27 17:49:42	ppp		[wan] IPV6CP: SendConfigReq #2
Sep 27 17:49:42	ppp		[wan] IPV6CP: rec'd Configure Nak #1 (Ack-Sent)
Sep 27 17:49:42	ppp		[wan] IPADDR 0.0.0.0
Sep 27 17:49:42	ppp		[wan] IPCP: SendConfigReq #2
Sep 27 17:49:42	ppp		[wan] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Sep 27 17:49:42	ppp		[wan] IPCP: rec'd Configure Reject #1 (Ack-Sent)
Sep 27 17:49:42	ppp		[wan] IPV6CP: state change Req-Sent --> Ack-Sent
Sep 27 17:49:42	ppp		[wan] IPV6CP: SendConfigAck #1
Sep 27 17:49:42	ppp		[wan] IPV6CP: rec'd Configure Request #1 (Req-Sent)
Sep 27 17:49:42	ppp		[wan] IPCP: state change Req-Sent --> Ack-Sent
Sep 27 17:49:42	ppp		[wan] IPADDR 90.145.146.131
Sep 27 17:49:42	ppp		[wan] IPCP: SendConfigAck #1
Sep 27 17:49:42	ppp		[wan] 90.145.146.131 is OK
Sep 27 17:49:42	ppp		[wan] IPADDR 90.145.146.131
Sep 27 17:49:42	ppp		[wan] IPCP: rec'd Configure Request #1 (Req-Sent)
Sep 27 17:49:42	ppp		[wan] IPV6CP: SendConfigReq #1
Sep 27 17:49:42	ppp		[wan] IPV6CP: state change Starting --> Req-Sent
Sep 27 17:49:42	ppp		[wan] IPV6CP: Up event
Sep 27 17:49:42	ppp		[wan] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Sep 27 17:49:42	ppp		[wan] IPADDR 0.0.0.0
Sep 27 17:49:42	ppp		[wan] IPCP: SendConfigReq #1
Sep 27 17:49:42	ppp		[wan] IPCP: state change Starting --> Req-Sent
Sep 27 17:49:42	ppp		[wan] IPCP: Up event
Sep 27 17:49:42	ppp		[wan] IPV6CP: LayerStart
Sep 27 17:49:42	ppp		[wan] IPV6CP: state change Initial --> Starting
Sep 27 17:49:42	ppp		[wan] IPV6CP: Open event
Sep 27 17:49:42	ppp		[wan] IPCP: LayerStart
Sep 27 17:49:42	ppp		[wan] IPCP: state change Initial --> Starting
Sep 27 17:49:42	ppp		[wan] IPCP: Open event
Sep 27 17:49:42	ppp		[wan] Bundle: Status update: up 1 link, total bandwidth 64000 bps
Sep 27 17:49:42	ppp		[wan_link0] Link: Join bundle "wan"
Sep 27 17:49:42	ppp		[wan_link0] Link: Matched action 'bundle "wan" ""'
Sep 27 17:49:42	ppp		[wan_link0] LCP: authorization successful
Sep 27 17:49:42	ppp		[wan_link0] PAP: rec'd ACK #1 len: 5
Sep 27 17:49:41	ppp		[wan_link0] LCP: LayerUp
Sep 27 17:49:41	ppp		[wan_link0] PAP: sending REQUEST #1 len: 28
Sep 27 17:49:41	ppp		[wan_link0] PAP: using authname "ed539518@wxdsl"
Sep 27 17:49:41	ppp		[wan_link0] LCP: auth: peer wants PAP, I want nothing
Sep 27 17:49:41	ppp		[wan_link0] LCP: state change Ack-Rcvd --> Opened
Sep 27 17:49:41	ppp		[wan_link0] ENDPOINTDISC [LOCAL] 41 4d 53 2d 55 4e 45 54 2d 44 43 32 2d 45 52 30 38
Sep 27 17:49:41	ppp		[wan_link0] MAGICNUM 0x06162e0f
Sep 27 17:49:41	ppp		[wan_link0] AUTHPROTO PAP
Sep 27 17:49:41	ppp		[wan_link0] MRU 1492
Sep 27 17:49:41	ppp		[wan_link0] LCP: SendConfigAck #2
Sep 27 17:49:41	ppp		[wan_link0] ENDPOINTDISC [LOCAL] 41 4d 53 2d 55 4e 45 54 2d 44 43 32 2d 45 52 30 38
Sep 27 17:49:41	ppp		[wan_link0] MAGICNUM 0x06162e0f
Sep 27 17:49:41	ppp		[wan_link0] AUTHPROTO PAP
Sep 27 17:49:41	ppp		[wan_link0] MRU 1492
Sep 27 17:49:41	ppp		[wan_link0] LCP: rec'd Configure Request #2 (Ack-Rcvd)
Sep 27 17:49:41	ppp		[wan_link0] LCP: state change Req-Sent --> Ack-Rcvd
Sep 27 17:49:41	ppp		[wan_link0] MAGICNUM 0x4b2a5e44
Sep 27 17:49:41	ppp		[wan_link0] MRU 1492
Sep 27 17:49:41	ppp		[wan_link0] PROTOCOMP
Sep 27 17:49:41	ppp		[wan_link0] LCP: rec'd Configure Ack #1 (Req-Sent)
Sep 27 17:49:41	ppp		[wan_link0] MP MRRU 1524
Sep 27 17:49:41	ppp		[wan_link0] LCP: SendConfigRej #1
Sep 27 17:49:41	ppp		[wan_link0] ENDPOINTDISC [LOCAL] 41 4d 53 2d 55 4e 45 54 2d 44 43 32 2d 45 52 30 38
Sep 27 17:49:41	ppp		[wan_link0] MP MRRU 1524
Sep 27 17:49:41	ppp		[wan_link0] MAGICNUM 0x06162e0f
Sep 27 17:49:41	ppp		[wan_link0] AUTHPROTO PAP
Sep 27 17:49:41	ppp		[wan_link0] MRU 1492
Sep 27 17:49:41	ppp		[wan_link0] LCP: rec'd Configure Request #1 (Req-Sent)
Sep 27 17:49:41	ppp		[wan_link0] MAGICNUM 0x4b2a5e44
Sep 27 17:49:41	ppp		[wan_link0] MRU 1492
Sep 27 17:49:41	ppp		[wan_link0] PROTOCOMP
Sep 27 17:49:41	ppp		[wan_link0] LCP: SendConfigReq #1
Sep 27 17:49:41	ppp		[wan_link0] LCP: state change Starting --> Req-Sent
Sep 27 17:49:41	ppp		[wan_link0] LCP: Up event
Sep 27 17:49:41	ppp		[wan_link0] Link: UP event
Sep 27 17:49:41	ppp		[wan_link0] PPPoE: connection successful
Sep 27 17:49:41	ppp		PPPoE: rec'd ACNAME "AMS-UNET-DC2-ER08"
Sep 27 17:49:39	ppp		[wan_link0] PPPoE: Connecting to ''
Sep 27 17:49:39	ppp		[wan_link0] LCP: LayerStart
Sep 27 17:49:39	ppp		[wan_link0] LCP: state change Initial --> Starting
Sep 27 17:49:39	ppp		[wan_link0] LCP: Open event
Sep 27 17:49:39	ppp		[wan_link0] Link: OPEN event
Sep 27 17:49:39	ppp		[wan] Bundle: Interface ng0 created
Sep 27 17:49:39	ppp		web: web is not running
Sep 27 17:49:39	ppp		process 27954 started, version 5.8 (root@pfSense_v2_4_4_amd64-pfSense_v2_4_4-job-09 11:56 16-Nov-2018)
Sep 27 17:49:39	ppp		Multi-link PPP daemon for FreeBSD

I've also included the general log entry after the reboot:

General log 27-9.txt

kiokoman

ah i understand, this kind of configuration does not exist in my country
so if you select WAN1 as interface it take the fist dynamic ip that you don't need
if you select the virtual ip it does not start
let me do some test ..

how about select the loopback interface and add a port forward with destination 90.145.246.x 53 nat to 127.0.0.1 53 ?
i've tested it on my side and it seems to work

svanderlaars

@kiokoman It is set to DHCP, in theory i might be able to change it to fixed ip, but to do that i have to sacrifice one of the other 6 for it. Right now we use the 6 IP aliasses for different services and the DHCP address is used for "regular" internet traffic that is not bound to any fixed port or IP in either direction.

Though, when WLAN1 PPPoE is set to DHCP, bind listenes to the DHCP granted IP address. it just refuses to listen to a virtual IP Alias.

I've tried adding both WAN1 (PPPoE) and Virtual IP interfaces but no response would come from the Virtual IP Alias. Also tried setting it to WAN1 (PPPoE) and changing the IP inside the Bind config file, but that resulted in error where bind refuses to start.

I'll test the port redirection for the loopback and report back!

svanderlaars

Perfect! Now It works!

Now it receives and responds flawlessly on the Virtual IP Alias and i can see queries coming in from the Log files!

Thank you so much for sticking with me! Thought i do feel that doing it this way seems more like a workaround but that does not bother me, i can live with it the way it works now!

Thank you so much Kiokoman! :)

kiokoman

i'm glad it work, it seems a workaround indeed , until someone come out with a better idea ...

kiokoman

just for completeness, i'm unable to reproduce this problem on my test vm machine