Internal resolving of "www" is not working with DNS Resolver

hispeed

I need to fix a problem which I had never time to fix it correctly but now I need to do it the correct way.
I have a pfense and DHCP and the dns resolver is running fine.

When i type: https://beispielwebseite.com then this request is forwarded correctly. When I type in the browser: www.beispielwebseite.com i recieve: DNS_PROBE_FINISHED_NXDOMAIN

Nslookup shows me that beispielwebseite.com is resolved fine to the correct ip. When I do nslookup with www.beispielwebseite.com then it can't be resolved.
I recieve then:
DNS request timed out.
timeout was 2 seconds.

My set up is not very easy and I have a lot of different players in my network. The traffic should be forwarded to a Nginx reverse proxy. Probably I missed just a little thing but I don't find it. Any help is welcome.

kiokoman

is it a real domain? because i can't resolve any of that.
if it's something internal check/post a screenshot of domain/host override, and be sure the client is using only pfsense as dns server

hispeed

Hi Kiokoman,

Yes it's a real domain which is also available on the internet. I have the same issue on a other domain. Interesting is that it's only when I type in "www".
Here are the settings which I have at the moment. I have tested several options before and this is also not working at the moment. I have also an entry at the domain override without the "www" in the front of the domain, but this doesn't help either.

Do I need to setup something in the General Setup?

hispeed

No one has any idea? If you need more print-screens let me know.

johnpoz

@hispeed said in Internal resolving of "www" is not working with DNS Resolver:

Yes it's a real domain which is also available on the internet.

No it isn't

beispielwebseite.com

Is not a domain on the internet.

;; QUESTION SECTION:
;beispielwebseite.com.          IN      A

;; AUTHORITY SECTION:
com.                    899     IN      SOA     a.gtld-servers.net. nstld.verisign-grs.com. 1585718970 1800 900 604800 86400

whois beispielwebseite.com
No match for domain "BEISPIELWEBSEITE.COM".

hispeed

Hi johnpoz,

Yes that's correct because this means in english: samplewebsite.com ;=).

But for example: hs-x.ch is a real website.

johnpoz

well that site resolve

hs-x.ch, along with www.hs-x.ch

To the same IP. why would you type samplesite in nonenglish, when this is a english site, and your post is in english?

Why are you doing domain overrides.. That is for when you want a domain to be resolved via some specific NS.. Not for when you want to return a specific IP for a specific fqdn.. That would be a host override.

If you want to resolve say www.hs-x.ch locally to 192.168.x.x then you would use host override. Same for if you want to resolve hs-x.ch to local IP. the host wold be hs-x and the domain would be ch..

; <<>> DiG 9.16.0 <<>> @192.168.9.253 www.hs-x.ch
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13803
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.hs-x.ch.                   IN      A

;; ANSWER SECTION:
www.hs-x.ch.            3600    IN      A       192.168.100.100

;; Query time: 0 msec
;; SERVER: 192.168.9.253#53(192.168.9.253)
;; WHEN: Wed Apr 01 10:10:49 Central Daylight Time 2020
;; MSG SIZE  rcvd: 56

; <<>> DiG 9.16.0 <<>> @192.168.9.253 hs-x.ch
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42939
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;hs-x.ch.                       IN      A

;; ANSWER SECTION:
hs-x.ch.                3600    IN      A       192.168.100.100

;; Query time: 0 msec
;; SERVER: 192.168.9.253#53(192.168.9.253)
;; WHEN: Wed Apr 01 10:10:47 Central Daylight Time 2020
;; MSG SIZE  rcvd: 52

hispeed

Hi johnpoz ,

Thank you for your answer. The solution is that i can write: "www" into "Host" at host override.

And the answer to your question:
"To the same IP. why would you type samplesite in nonenglish, when this is a english site, and your post is in english?"

Because I was thinking in german and I thougt it doesn't matter which URL I mean.

johnpoz

Ah - ok that explains it ;)

When you put in a domain as example.. its best to be sure its obvious that its a example domain.. if your thinking in German could see how that comes out, but to us that only understand the one langue and sometimes that is even a stretch.. It just looked like some valid domain name ;)

Glad you got it sorted.. left of period is always host or domain.. if only single domain to the right then its host.

host.domain (tld)

host.domain.tld

host.subdomain.domain.tld

etc..