Netgate Discussion Forum

    pfsense causing NXDOMAIN errors on Linux Client

    DHCP and DNS
      4o4rh
      last edited by 4o4rh

      I am getting the below error on my Ubuntu 20.10 client.

      "systemd-resolved Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP."

      I put a tcpdump on the client and below is a sample of what I'm getting on the client.

      I have unbound configured to forward to 1.1.1.1 servers and a Port Forward as follows:
      Interface=LAN, Protocol TCP/UDP, source any, source ports any, dest !LAN, dest ports 53, NAT IP - LAN Gateway, NAT Port 53.

      Resolver Network = LAN & Localhost, Outgoing = WAN

      Can someone help me understand why this is coming into the LAN and causing the error on the workstation, please?

          _gateway.domain > ma78g.net.lan.33265: [udp sum ok] 35931 NXDomain q: PTR? 176.127.142.52.in-addr.arpa. 0/1/0 ns: 127.142.52.in-addr.arpa. SOA prd1.azuredns-cloud.net. msnhst.microsoft.com. 1 900 300 604800 60 (124)
          _gateway.domain > ma78g.net.lan.48140: [udp sum ok] 1276 NXDomain q: PTR? 124.178.114.40.in-addr.arpa. 0/1/0 ns: 178.114.40.in-addr.arpa. SOA ns1-04.azure-dns.com. azuredns-hostmaster.microsoft.com. 1 3600 300 2419200 300 (131)
          _gateway.domain > ma78g.net.lan.53070: [udp sum ok] 24373 NXDomain q: PTR? 140.34.67.172.in-addr.arpa. 0/1/0 ns: 67.172.in-addr.arpa. SOA cruz.ns.cloudflare.com. dns.cloudflare.com. 2034580120 10000 2400 604800 3600 (106)
          _gateway.domain > ma78g.net.lan.60522: [udp sum ok] 25740 NXDomain q: PTR? 120.74.67.172.in-addr.arpa. 0/1/0 ns: 67.172.in-addr.arpa. SOA cruz.ns.cloudflare.com. dns.cloudflare.com. 2034580120 10000 2400 604800 3600 (106)
      

      Here are a couple more, and I note localhost causes a problem and the DNS entry does not resolve.

          tcpdump: listening on enp2s0, link-type EN10MB (Ethernet), capture size 262144 bytes
          _gateway.domain > ma78g.net.lan.47187: [udp sum ok] 59199 NXDomain* q: PTR? 5.26.168.192.in-addr.arpa. 0/1/0 ns: 168.192.in-addr.arpa. SOA localhost. nobody.invalid. 1 3600 1200 604800 10800 (102)
          _gateway.domain > ma78g.net.lan.38306: [udp sum ok] 46865 NXDomain q: PTR? 233.233.233.233.in-addr.arpa. 0/1/0 ns: 233.in-addr.arpa. SOA sns.dns.icann.org. noc.dns.icann.org. 2021012107 7200 3600 604800 3600 (103)
      

      This is on an Ubuntu client with systemd as the resolver.

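A small parser for the tcpdump lines in the post above, as an added example that is not part of the original post: it recovers the address behind each PTR question and separates replies carrying the authoritative-answer flag (tcpdump's `*`) from NXDOMAINs whose SOA names an upstream zone. The function names and the three-line sample (copied from the capture) are this example's own.

```python
import ipaddress
import re

# Constructed sample: three response lines copied from the capture in the post.
SAMPLE = """\
_gateway.domain > ma78g.net.lan.33265: [udp sum ok] 35931 NXDomain q: PTR? 176.127.142.52.in-addr.arpa. 0/1/0 ns: 127.142.52.in-addr.arpa. SOA prd1.azuredns-cloud.net. msnhst.microsoft.com. 1 900 300 604800 60 (124)
_gateway.domain > ma78g.net.lan.47187: [udp sum ok] 59199 NXDomain* q: PTR? 5.26.168.192.in-addr.arpa. 0/1/0 ns: 168.192.in-addr.arpa. SOA localhost. nobody.invalid. 1 3600 1200 604800 10800 (102)
_gateway.domain > ma78g.net.lan.38306: [udp sum ok] 46865 NXDomain q: PTR? 233.233.233.233.in-addr.arpa. 0/1/0 ns: 233.in-addr.arpa. SOA sns.dns.icann.org. noc.dns.icann.org. 2021012107 7200 3600 604800 3600 (103)
"""

# txid, optional AA marker, PTR question, then the SOA in the authority section.
LINE_RE = re.compile(
    r"(?P<txid>\d+) NXDomain(?P<aa>\*?) q: PTR\? (?P<qname>\S+) "
    r".*? ns: (?P<zone>\S+) SOA (?P<mname>\S+) (?P<rname>\S+)"
)

def ptr_to_ip(qname):
    """Turn 'd.c.b.a.in-addr.arpa.' back into the IPv4 address a.b.c.d."""
    labels = qname.rstrip(".").split(".")
    if len(labels) != 6 or labels[-2:] != ["in-addr", "arpa"]:
        raise ValueError(f"not a full IPv4 reverse name: {qname}")
    return ipaddress.IPv4Address(".".join(reversed(labels[:4])))

def scope(ip):
    """Coarse address class, to tell LAN lookups from internet ones."""
    if ip.is_multicast:
        return "multicast"
    return "private" if ip.is_private else "public"

def parse(text):
    """Return one dict per NXDOMAIN PTR response found in tcpdump output."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # header lines and non-PTR traffic are skipped
        ip = ptr_to_ip(m["qname"])
        rows.append({"txid": int(m["txid"]), "ip": str(ip), "scope": scope(ip),
                     "authoritative": m["aa"] == "*", "zone": m["zone"],
                     "soa_mname": m["mname"]})
    return rows

if __name__ == "__main__":
    for r in parse(SAMPLE):
        src = "AA set" if r["authoritative"] else "AA not set"
        print(f'{r["ip"]:<16} {r["scope"]:<9} {src:<10} SOA {r["soa_mname"]}')
```
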
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.