Internet on windows but not ubuntu bad pfsense configuration?
-
Woaw 8 seconds for a query could be your issue. Those DNS servers are used only for this DMZ?
-
Nope those are DNS servers on my school's network. :/ Can not work without them
-
@Farisse said in Internet on windows but not ubuntu bad pfsense configuration?:
Nope those are DNS servers on my school's network. :/ Can not work without them
...Can not work with them either.
Edit
Something is very wrong there. Even if your were to ping a server at the furthest possible point on the planet, I would not expect a number like that. -
Haha got me ! But actually it work but only on windows VMs and not on Ubuntu. Idk if ubuntu is using different dns ports (not at my knowledge) Or if pfSense is sending the dns request to the wrong servers ?
-
@Farisse said in Internet on windows but not ubuntu bad pfsense configuration?:
Haha got me ! But actually it work but only on windows VMs and not on Ubuntu. Idk if ubuntu is using different dns ports (not at my knowledge) Or if pfSense is sending the dns request to the wrong servers ?
Could it be that Ubuntu's query timeout is shorter than Windows?
-
I think using pfSense DNS resolver could help here since it would build up a cache.
-
Idk, but when i restart the services i can get internet on my ubuntu.
So maybe my ubuntu is making a link with the dns servers when nothing can intercept the packets.
And if pfsense if running again it can't 'wipe' packets when the connection is established so ubuntu vm still have internet.
But when i restart the ubuntu vm every connection is closed and could not be established again.This is what i guess but i don't know how to fix it by a port forwarding or traceroute can't determine where it sucks :/
-
@Farisse said in Internet on windows but not ubuntu bad pfsense configuration?:
Should the pfSense DHCP lease table show me the static ip from my vms ?
Also, going back to @stephenw10 question on DHCP leases. That needs to be cleared up.
-
@Raffi_ said in Internet on windows but not ubuntu bad pfsense configuration?:
That needs to be cleared up
I activated dns resolver with forwarding but still doesn't work.
I try it with Chrome and i receive this error:
-
Yeah that is catastrophically bad! Something is very broken there.
I guess the DNS timeout in Windows is higher which is why it worked.
You don't see localhost there so you probably have 'Do not use the DNS Forwarder/DNS Resolver as a DNS server for the firewall' set in System > General setup. That doesn't make much difference unless you have host overrides there the firewall should use.
Steve
-
@Raffi_ said in Internet on windows but not ubuntu bad pfsense configuration?:
Woaw 8 seconds for a query could be your issue. Those DNS servers are used only for this DMZ?
I thought I would note this too, but I rather skipped it, hihihihhi
-
I activated dns resolver with forwarding but still doesn't work.
I try it with Chrome and i receive this error:
Try it a second time. Once unbound caches it, it should come right up the second time.
-
@stephenw10 said in Internet on windows but not ubuntu bad pfsense configuration?:
You don't see localhost there so you probably have 'Do not use the DNS Forwarder/DNS Resolver as a DNS server for the firewall' set in System > General setup. That doesn't make much difference unless you have host overrides there the firewall should use.
Steve
Would dnsmaq use the local host as well or is that only the default for unbound?
-
@stephenw10 Its not after you told me i should probably have the localhost as respond i remembered i had in the beginning in general information the localhost and then not anymore. So i've add it back with the dns server (good or wrong way idk) But ly query is a lot faster now.
But the option "Do not use the DNS Forwarder/DNS Resolver as a DNS server for the firewall " is not set in.
@Raffi_ I also tried it a second and third time, but no result. Or ... the same result.
-
If you are using DNS resolver with forwarding mode, the first option will be the local host by default. There is no need to enter it again under DNS Server Settings in the General setup tab.
Edit, something doesn't seem right with those 1ms query times. How would it go from 8 seconds to 1ms? I think this might be the DNS lookup GUI bug I've seen in the past.
Run those dig commands from pfSense instead.
Diagnostics/ Command Prompt
dig @172.20.0.253 google.com
dig @172.20.0.254 google.comI think those might give you the real results.
-
just an idea
it would be worthwhile to look at and compare these:Windows: https://docs.microsoft.com/en-us/previous-versions//cc977482(v=technet.10)?redirectedfrom=MSDN
Linux: /etc/resolv.conf
search domain.net
option timeout:1
nameserver 1.1.1.1
nameserver 2.2.2.2
nameserver 3.3.3.3or something like that
-
-
Interesting, well the two DNS servers seem to be responding better now. That could also be because they are caching.
How is Ubuntu getting its interface settings? Is it statically assigned in Ubuntu or is it set to automatic (DHCP)? There were no leases in your DHCP list.
-
I assigned static ip through /etc/netplan/01-network-manager-all.yaml
Everything seems good to me....
Edit, maybe an non relevant information, i can not ping the other vms in the dmz network. But my other vms can ping my ubuntu vm. Could it be something to do with routing ?
-
Try running a packet capture on the DMZ of pfSense.
Diagnostics/ Packet Capture
Select DMZ, then in Count enter a very high value such as 10000. You can enter 0 but don't forget to stop the capture manually otherwise it will run a continuous capture and it can become a problem.Download the capture data to wireshark and check for DNS info.
Dumb question, but have you tried to ping 8.8.8.8 from ubuntu? Does that work or is that failing as well?
