DNS Resolver sudden stop and filterdns PID 48934
-
@thegenius21 I did it now and testing if the problem still exist. thank you dear.
-
@ramikilany said in DNS Resolver sudden stop and filterdns PID 48934:
Could be the files are corrupted?
Well, its open source.
Compare the source with what your have ^^Or execute :
md5 < IPv6.phpI got
2a7701126aae53348b3a1ddd17f745e4The file size is ok, though.
-
@gertjan 2a7701126aae53348b3a1ddd17f745e4
same as yours, this message happens directly after the pfblockerng latest update, btw i have the same setup in the cloud (proxmox vm) and all works well. the only difference between them is the vm image has Hardware Checksum Offloading and others checked in the Advanced Networking, too annoying problem :(
-
There might be a way to get rid of the errors.
This file : /usr/local/www/pfblockerng/www/index.php is probably the start of the PHP section that builds the web page that users see when they try to visit a DNSBL blocked page.
I see mow the issue. That is, when I visit https://pfsense.me.net/pfblockerng/www/ manually it hit the error right away.
I advise you all to disable that web server that shows the DNS blocked page as it is rather useless, and very soon it won't work anyway.
( because of the MITM concepts, TLS, how https works, your browser won't show that page any more, etc etc )So :
and done.
-
@gertjan I did what you said and also restarted the firewall same Crash report
Crash report begins. Anonymous machine information:
amd64
12.2-STABLE
FreeBSD 12.2-STABLE d48fb226319(devel-12) pfSenseCrash report details:
PHP Errors:
[02-Mar-2021 14:13:18 Asia/Beirut] PHP Fatal error: Uncaught Error: Class 'Net_IPv6' not found in /etc/inc/util.inc:680
Stack trace:
#0 /etc/inc/util.inc(657): is_ipaddrv6('pagead2.googles...')
#1 /usr/local/www/pfblockerng/www/index.php(59): is_ipaddr('pagead2.googles...')
#2 {main}
thrown in /etc/inc/util.inc on line 680No FreeBSD crash data found.
Could we do something else?
-
and in your opinion what is the solution of the following log entry in the DNS Resolver
filterdns 37490 (PID) failed to resolve host xxx will retry later again.
-
@ramikilany said in DNS Resolver sudden stop and filterdns PID 48934:
failed to resolve
When unbound fails, it stops. Resolving stops. For your LAN based device and any process on pfSense itself. filterdns is just one of such processes.
-
@gertjan after a while the message does not appear again, till now it is the solution.
already thank you for your patience and for this great solution.
Thumbs Up.
-
@gertjan how may I troubleshoot the failure of the unbound service? To know how to fix this issue if you cloud help me again.
-
@ramikilany said in DNS Resolver sudden stop and filterdns PID 48934:
how may I troubleshoot the failure of the unbound service?
The issue at the top isn't a unbound issue but a pfBlockerNG issue.
Something (some one) is hitting the PFB "block page". Who is it ? (hint : look in the logs ....)
De activate this page as stated above.
Or de active DNSBL - dooes that help ?Btw : you are not using unbound in the default mode, you forward to Google & co.
That complicates things.Unbound uist run in resolver mode for pfBlockerNG to work.
This one :
@ramikilany said in DNS Resolver sudden stop and filterdns PID 48934:
filterdns 48934 failed to resolve host pt1 will retry later again
is also not real an error.
"pt1" isn't valid hos name. -
How may I use the unbound in the default mode? what is the best practice to set up the forward servers ( not Google for example) and the solution that you have posted above works with me (Null Block)
Kindly if you can describe how that the unbound must run in resolver mode for pfBlockerNG to works perfectly
NB: pt1 is a computer name in my domain network.
-
@ramikilany said in DNS Resolver sudden stop and filterdns PID 48934:
Kindly if you can describe how that the unbound must run in resolver mode for pfBlockerNG to works perfectly
As already mentioned : use the default settings.
They work.@ramikilany said in DNS Resolver sudden stop and filterdns PID 48934:
NB: pt1 is a computer name in my domain network.
Should be a fully qualified : like "pt1.local.tld". That way, unbound will know it's local, can resolve it directly, and won't send it to Google or OpenDNS, as these can't know what you have in your LAN anyway.
@ramikilany said in DNS Resolver sudden stop and filterdns PID 48934:
what is the best practice to set up the forward servers
The best way to use forward servers is : not using them. You don't need them (they need you and do not pay you for it ....)
-
@ramikilany said in DNS Resolver sudden stop and filterdns PID 48934:
[02-Mar-2021 09:14:55 Asia/Beirut] PHP Fatal error: Uncaught Error: Class 'Net_IPv6' not found in /etc/inc/util.inc:680
The solution :
https://github.com/pfsense/FreeBSD-ports/commit/8b27bcf00d06eeeed4e2ea5a5fdc23edf1b4ba23
look at the bottom of the page :
Works :
-
-
The DNS unbound sudden stop still exict, some times it work with just restart the DNS resolver unbound service and sometime I need to reboot the pfsense firewall.
When it stops the internet connection goes from the network and every thing stops working.
How may I fix this critical issue?
-
What pfSense version ?
See, for example, here : https://forum.netgate.com/topic/115482/frequent-unbound-restarts/79 about how to post the details so the issue can be seen right away.
-
@gertjan said in DNS Resolver sudden stop and filterdns PID 48934:
https://forum.netgate.com/topic/115482/frequent-unbound-restarts/79
Version 2.5.0-RELEASE (amd64)
built on Tue Feb 16 08:56:29 EST 2021
FreeBSD 12.2-STABLEand now it stops here is the log line:
Mar 4 11:10:42 unbound 13528 [13528:0] info: service stopped (unbound 1.13.1). -
when go to Diagnostics and DNS lookup and test google.com for example it shows this result:
Timings
Name server Query time
127.0.0.1 No response
172.16.99.1 1 msecthe local DNS is stooped and not responding
this happens now every 2 hours
-
Cool.
lol :unbound stopped.
and it said it stopped.That what you are telling.
More details are needed.
Please, read https://forum.netgate.com/topic/115482/frequent-unbound-restarts/79
You will find logs - and you can (have to) compare with other logs.
So, when, you find :
Mar 4 11:10:42 unbound 13528 [13528:0] info: service stopped (unbound 1.13.1).in the resolver log, you can see in the other logs who tolled it to do so.
Like :
Mar 4 11:10:42 pfSense dhcpleases[3459]: Sending HUP signal to dns daemon(13528)Process 13528 is unbound.
Btw : dhcpleases doesn't stop unbound, it restarts unbound.
No process will stop unbound, except you in the GUI.
-
In the logs in the same time that the unbound stopped their was nothing to inform us what was the problem causing this sudden stop.
In the forums I tried to uncheck the 2 options in DNS Resolver settings:
-
Register DHCP leases in the DNS Resolver
-
Register DHCP static mappings in the DNS Resolver
and it works with and no more sudden stop any more but for example in Status / Traffic Graph when monitoring the bandwidth with the option FQDN it shows only IP so I must take the IP and check it in the DHCP leases to know the FQDN. And this is one example of the problems that may happen when not checking the 2 check boxes mentioned above.
Is there any way to fix the sudden stops of unbound service while keep checking these 2 boxes or if we could register the DHCP client in the DNS Resolver in other way.
-
