DNS domain forwarder stopped working

gyahoo

Summary - after a power outage, a pfsense server that has been running fine for years is now refusing to resolve using DSN domain forwarder.
akismet.com is flagging full post as spam (with no indication why !!!) so I am attaching full post as .txt attachment.

I am at a loss as to how to proceed.

pfsense-dns-domain-fowarder.txt

DaddyGo

It’s just a quick question (because of my curiosity) why do you use such an old version 2.3.4 / and have you tried another DNS server(s) instead of ISP DNS servers? / are you thinking about using a DNS resolver in the future?

gyahoo

This is a small home developer server - pfSense tells me that is the latest version and I am up to date. That could be due to older hardware ?
External dns server is irrelevant - it is refusing to use the internal dns domain forwarder - which is causing issues for instance where a pfb block list is located on an internal web site - if I add the internal dns server to the general dns server list, using the DNS Lookup test shows that it is querying the local server ( it is listed in tghe timings section ) but not resolving, nslookup specifying the internal server resolves just fine.

DaddyGo

absolutely not, we have been moving forward for a long time, now 2.4.5 (with plenty of interim improvements and updates)
chances are you can’t even upgrade from 2.3.4 to the newer version right away with just a whole new installation.

if the hardware is old and incorrect or etc., it does not show that there is no upgrade option,
what do you see here:

DaddyGo

@gyahoo said in DNS domain forwarder stopped working:

External dns server is irrelevant - it is refusing to use the internal dns domain forwarder

so I asked about using Unbound

with say DNSSEC and DNSoverTLS (853) this seems more secure

johnpoz

@gyahoo said in DNS domain forwarder stopped working:

I am at a loss as to how to proceed.

Get on a current version of pfsense - the 2.3 line is DEAD, has been for over a year, shoot Oct will be 2 years... There were like 2 years of warning that 2.3 was going to be DEAD!

Once you get on current.. Come back if your having issues.

So 2.3.4 is from 2017... You honestly thought it was up to date, with zero updates in like 3 years - on security software? its not a notepad app you downloaded from some guy that wrote something he needed and shared it. How did you not check on that? Simple 2 minute visit to the website would of told you if your current or not, etc.