Issue when pfSense resolves hostnames
  • Dear folks,

    A few days ago, I decided to shut down my pfSense box in my private location since a failure in the network of my ISP occurred and therefore I didn't have any internet connection for a few days.

    After the problem was solved by my ISP, I started the pfSense box again and noticed an error when trying to resolve hostnames of computers/servers in my local network.

    First of all: At "System/General Setup" I have configured:

    Hostname: pfsense-box
    Domain: domain.tld

    This means I can access my pfSense box via https://pfsense-box.domain.tld

    DHCP in LAN is enabled and every computer receives its IP address from the pfSense router.

    Now, the problem:

    I open the command shell of a Windows computer in the network and run the following command:

    ping hostname-of-server-a

    => IP gets displayed and packages are sent/answered. Everything is fine!

    Now, I run the following command:

    ping hostname-of-server-a.domain.tld

    At this point: The hostname resolves to an "IP" which has nothing to do with the actual IP of server-a. My guess: It is the IP address of the "Page not found" website from my ISP.

    Strange! Before the reboot, everything was running fine and I was able to reach other computers'/servers' shared files by entering e.g. \\hostname or \\hostname.domain.tld. After the reboot, it is only possible to access them via \\hostname.

    And, furthermore, there is this exception: Server-B:

    ping hostname-of-server-b

    After hitting "return", I receive the following output:

    Pinging hostname-of-server-b.domain.tld [62.157.140.133] with 32 bytes of data: Request timed out.

    Well, this means I cannot reach this server because the domain.tld part gets added automatically. However, at the moment the domain.tld part gets added, the resolving doesn't work correctly, because it seems like my pfSense router isn't looking up the hostname in the local network itself, but is forwarding this request to my ISP, which - of course - does not know anything about server-b…

    Well, the question is: How do I fix this and how did this problem occur?

    I have enabled: Services / DNS Forwarder
    I configured:
    DHCP registration: Register DHCP leases in DNS forwarder: CHECKMARK
    Static DHCP: Register DHCP static mappings in DNS forwarder CHECKMARK

    At Interfaces / LAN I have configured DHCP for my LAN Interface.

    At System / General Setup there is a checkmark at "Allow DNS server list to be overridden by DHCP/PPP on WAN". There are no DNS servers configured manually, which means DNS Server 1-4 are empty.

    When going to the router's Diagnostics / Ping and entering hostname-of-server-a or hostname-of-server-b, the domain.tld part gets added automatically in every case. Since the hostnames get incorrectly resolved as soon as the domain.tld part gets added, I cannot get any response from them.

    I went to Diagnostics / ARP tables and deleted the entries of server-a and server-b, but after they showed up again a few seconds later, there was still the same problem…

    So, I'm not sure where to start searching for the problem. What am I doing wrong? Any help is highly appreciated! Thanks so much!

    EDIT: It seems like one can solve this issue by deleting the DHCP lease entry and the ARP table entry of the corresponding machine, then performing a reboot of the machine. Now, everything is working again! It also looks like you have to wait a certain amount of time until DNS etc. is correctly "up" again...


  • Banned

    One note:

    At System / General Setup there is a checkmark at "Allow DNS server list to be overridden by DHCP/PPP on WAN".

    You sure like hell do NOT want that with a retarded ISP that is hijacking NXDOMAIN!

    It is the IP address of the "Page not found"-website from my ISP.
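The symptom in the original post (a name that works bare but resolves to the ISP's address once the domain suffix is appended) and the NXDOMAIN hijacking the reply points at can both be checked from any LAN host with a small audit. The script below is an added example, not code from either poster or from the pfSense project. It models two stand-in resolvers: a "broken" one that answers every unknown name with the ISP address instead of NXDOMAIN, and a "healthy" one that answers local names locally. The 192.168.1.x addresses and the probe label are constructed; only 62.157.140.133 comes from the thread. `system_resolver` wraps the OS stub resolver so the same audit can be run against a real network by swapping it in.

```python
"""Audit whether local names leak to an upstream resolver that hijacks NXDOMAIN."""
import ipaddress
import secrets
import socket
from typing import Callable, Dict, List

Resolver = Callable[[str], List[str]]  # hostname -> list of A records (empty = NXDOMAIN)

LOCAL_DOMAIN = "domain.tld"
ISP_HIJACK_IP = "62.157.140.133"  # address reported in the thread's ping output

# Constructed: names the DNS forwarder answers itself in the broken setup.
# Everything else falls through to the ISP, which returns its landing page.
BROKEN_ANSWERS: Dict[str, List[str]] = {
    "hostname-of-server-a": ["192.168.1.10"],   # constructed LAN address
    "pfsense-box.domain.tld": ["192.168.1.1"],  # constructed LAN address
}

# Constructed: a healthy setup answers both bare and suffixed names locally
# and returns NXDOMAIN (empty list) for names that do not exist.
HEALTHY_ANSWERS: Dict[str, List[str]] = {
    "hostname-of-server-a": ["192.168.1.10"],
    "hostname-of-server-a.domain.tld": ["192.168.1.10"],
    "hostname-of-server-b.domain.tld": ["192.168.1.11"],
    "pfsense-box.domain.tld": ["192.168.1.1"],
}

NAMES = [
    "hostname-of-server-a",
    "hostname-of-server-a.domain.tld",
    "hostname-of-server-b",
    "hostname-of-server-b.domain.tld",
    "pfsense-box.domain.tld",
]


def broken_resolver(name: str) -> List[str]:
    """Stand-in for the thread's broken state: unknown names get the ISP page."""
    return BROKEN_ANSWERS.get(name, [ISP_HIJACK_IP])


def healthy_resolver(name: str) -> List[str]:
    """Stand-in for a correct forwarder: unknown names get NXDOMAIN."""
    return HEALTHY_ANSWERS.get(name, [])


def system_resolver(name: str) -> List[str]:
    """Real lookup through the OS stub resolver (not used by the offline demo)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except socket.gaierror:
        return []


def is_local_address(ip: str) -> bool:
    """LAN hosts should only ever resolve to private or link-local space."""
    addr = ipaddress.ip_address(ip)
    return addr.is_private or addr.is_link_local


def is_local_name(name: str, local_domain: str) -> bool:
    """Bare labels (the client appends the search domain) or anything under the local domain."""
    name = name.rstrip(".")
    return "." not in name or name == local_domain or name.endswith("." + local_domain)


def check_name(resolve: Resolver, name: str, local_domain: str) -> str:
    """Classify one lookup: 'ok', 'nxdomain', or 'leaked-upstream'."""
    answers = resolve(name)
    if not answers:
        return "nxdomain"
    if is_local_name(name, local_domain) and not all(is_local_address(a) for a in answers):
        return "leaked-upstream"
    return "ok"


def nxdomain_hijacked(resolve: Resolver, local_domain: str) -> bool:
    """A random label that cannot exist must return NXDOMAIN; any A record means hijacking."""
    probe = f"probe-{secrets.token_hex(8)}.{local_domain}"  # constructed, never registered
    return bool(resolve(probe))


def audit(resolve: Resolver, names: List[str], local_domain: str) -> Dict[str, str]:
    """Run every name through check_name and add the hijack probe result."""
    report = {n: check_name(resolve, n, local_domain) for n in names}
    report["__nxdomain_hijack__"] = "yes" if nxdomain_hijacked(resolve, local_domain) else "no"
    return report


if __name__ == "__main__":
    for label, resolver in (("broken", broken_resolver), ("healthy", healthy_resolver)):
        print(label, audit(resolver, NAMES, LOCAL_DOMAIN))
```

Against the broken resolver the suffixed names and the bare server-b name come back as `leaked-upstream` and the probe reports hijacking, which is exactly the pattern the reply warns about when WAN-supplied DNS servers are allowed to override the local ones; against the healthy resolver every registered name is `ok` and the probe gets NXDOMAIN.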

