Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.3.2-RELEASE-p1 (amd64) dns resolver not working

    DHCP and DNS
    4
    12
    2.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      beavis
      last edited by

      I did have all selected as default and it did not work like that either. I changed those settings when there was lot of errors in logs.

      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:500:1::53 port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:500:2d::d port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:500:12::d0d port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:dc3::35 port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:500:2::c port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:500:a8::e port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:500:a8::e port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:503:c27::2:30 port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:7fd::1 port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:500:2d::d port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:7fd::1 port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:dc3::35 port 53
      Jan 24 17:10:01 sense unbound: [37475:0] info: error sending query to auth server 2001:dc3::35 port 53

      interf.jpg
      interf.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • chpalmerC
        chpalmer
        last edited by

        @KOM:

        Resolver doesn't use the servers listed in General Setup - DNS Server Settings.

        Huh?  What does it use then?

        From System/General?DNS Server Settings..

        Address
        Enter IP addresses to be used by the system for DNS resolution. These are also used for the DHCP service, DNS Forwarder and DNS Resolver when it has DNS Query Forwarding enabled.

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          @chpalmer:

          Huh?  What does it use then?

          Emphasized for you:

          Address
          Enter IP addresses to be used by the system for DNS resolution.

          1 Reply Last reply Reply Quote 0
          • chpalmerC
            chpalmer
            last edited by

            Resolver doesn't use the servers listed in General Setup - DNS Server Settings.

            Address
            Enter IP addresses to be used by the system for DNS resolution.

            And the rest states-

            These are also used for the DHCP service, DNS Forwarder and DNS Resolver when it has DNS Query Forwarding enabled.

            So if Forwarding is not enabled where does the Resolver resolve from?  The system itself?

            Triggering snowflakes one by one..
            Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

            1 Reply Last reply Reply Quote 0
            • KOMK
              KOM
              last edited by

              Huh?  What does it use then?

              It talks to the root servers directly and then walks the chain to the authoritative server.

              https://en.wikipedia.org/wiki/Root_name_server

              1 Reply Last reply Reply Quote 0
              • chpalmerC
                chpalmer
                last edited by

                Kom-  Thank you!

                Beavis-  select the IPv6 link locals as well.

                Triggering snowflakes one by one..
                Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                1 Reply Last reply Reply Quote 0
                • B
                  beavis
                  last edited by

                  I did select all for network intefface,  but still lots of errors for ipv6 query in log and resolving is not working.

                  1 Reply Last reply Reply Quote 0
                  • D
                    doktornotor Banned
                    last edited by

                    @beavis:

                    but still lots of errors for ipv6 query in log

                    Completely useless info. What errors exactly? Why would you be resolving IPv6 at all with no IPv6 set up anywhere?

                    1 Reply Last reply Reply Quote 0
                    • B
                      beavis
                      last edited by

                      Yes I don't understand why resolver is using IP6. I have disabled IP6 every where and also added manually do-ip6: no to unbound.conf file.
                      But every time when I change something in pfsense->services->dns resolver and save and hit apply it changes do-ip6: yes in config file.

                      nslookup is only giving time out on every host and pfsense itself.

                      This is from resolver.log:
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2001:500:127::30 port 53
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2a01:111:2002::17 port 53
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2a01:111:2bad::17 port 53
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2a01:111:2002::17 port 53
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2a01:111:2bad::17 port 53
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2a01:111:2bad::17 port 53
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2a01:111:2002::17 port 53
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2a01:111:2bad::17 port 53
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2a01:111:2bad::17 port 53
                      Jan 25 09:55:05 sense unbound: [40471:0] info: error sending query to auth server 2600:1406:32::c1 port 53
                      Jan 25 09:56:28 sense unbound: [40471:0] info: error sending query to auth server 2a03:7900:104:1::2 port 53

                      1 Reply Last reply Reply Quote 0
                      • B
                        beavis
                        last edited by

                        I lost my patience with this and moved back to forwarder.
                        It works like supposed, no strage ip6 issues.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.