DNS Doesn't solve
-
Hi.
I have a problem and the truth is that after looking a lot I do not give with the solution.
I installed pfsense 2.3.4p1 and connected the WAN to an ADSL line. Whether I get the ip by dhcp or configure the configuration myself, everything works correctly. Pfsense serves dns on all physical interfaces as virtual and the clients of each interface have as dns the ip of that interface. In the vlan they go out by squid proxy and in the lan they do not go through squid.But if I change the ADSL line to another corporate fiber line and change the WAN network configuration according to that line with different ips and a single dns, then only the clients that go through the proxy can navigate, but those that I have a portal captive and in the lan.
Does anyone think it can happen?
Thank you. -
I have checked that if on a lan client (rules permit all the traffic pass) I put it as dns the ip of the lan does not go to the internet, but if I put the external dns then I can.
This is my log. Level 3 dns resolver logs:
Sep 1 11:54:40
unbound[85952:b] info: new pside target L.ROOT-SERVERS.NET. AAAA IN
Sep 1 11:54:40
unbound[85952:b] info: new pside target L.ROOT-SERVERS.NET. A IN
Sep 1 11:54:40
unbound[85952:b] debug: iterator[module 1] operate: extstate:module_state_initial event:module_event_pass
Sep 1 11:54:40
unbound[85952:b] info: iterator operate: query L.ROOT-SERVERS.NET. AAAA IN
Sep 1 11:54:40
unbound[85952:b] info: resolving L.ROOT-SERVERS.NET. AAAA IN
Sep 1 11:54:40
unbound[85952:b] info: priming . IN NS
Sep 1 11:54:40
unbound[85952:b] debug: return error response REFUSED
Sep 1 11:54:40
unbound[85952:b] debug: validator[module 0] operate: extstate:module_state_initial event:module_event_moddone
Sep 1 11:54:40
unbound[85952:b] info: validator operate: query L.ROOT-SERVERS.NET. AAAA IN
Sep 1 11:54:40
unbound[85952:b] debug: iterator[module 1] operate: extstate:module_state_initial event:module_event_pass
Sep 1 11:54:40
unbound[85952:b] info: iterator operate: query L.ROOT-SERVERS.NET. A IN
Sep 1 11:54:40
unbound[85952:b] info: resolving L.ROOT-SERVERS.NET. A IN
Sep 1 11:54:40
unbound[85952:b] info: priming . IN NS
Sep 1 11:54:40
unbound[85952:b] debug: return error response REFUSED
Sep 1 11:54:40
unbound[85952:b] debug: validator[module 0] operate: extstate:module_state_initial event:module_event_moddone
Sep 1 11:54:40
unbound[85952:b] info: validator operate: query L.ROOT-SERVERS.NET. A IN
Sep 1 11:54:40
unbound[85952:b] debug: iterator[module 1] operate: extstate:module_wait_subquery event:module_event_pass
Sep 1 11:54:40
unbound[85952:b] info: iterator operate: query . NS IN
Sep 1 11:54:40
unbound[85952:b] info: processQueryTargets: . NS IN
Sep 1 11:54:40
unbound[85952:b] info: new pside target M.ROOT-SERVERS.NET. AAAA IN
Sep 1 11:54:40
unbound[85952:b] info: new pside target M.ROOT-SERVERS.NET. A IN
Sep 1 11:54:40
unbound[85952:b] debug: iterator[module 1] operate: extstate:module_state_initial event:module_event_pass
Sep 1 11:54:40
unbound[85952:b] info: iterator operate: query M.ROOT-SERVERS.NET. AAAA IN
Sep 1 11:54:40
unbound[85952:b] info: resolving M.ROOT-SERVERS.NET. AAAA IN
Sep 1 11:54:40
unbound[85952:b] info: priming . IN NS
Sep 1 11:54:40
unbound[85952:b] debug: return error response REFUSED
Sep 1 11:54:40
unbound[85952:b] debug: validator[module 0] operate: extstate:module_state_initial event:module_event_moddone
Sep 1 11:54:40
unbound[85952:b] info: validator operate: query M.ROOT-SERVERS.NET. AAAA IN
Sep 1 11:54:40
unbound[85952:b] debug: iterator[module 1] operate: extstate:module_state_initial event:module_event_pass
Sep 1 11:54:40
unbound[85952:b] info: iterator operate: query M.ROOT-SERVERS.NET. A IN
Sep 1 11:54:40
unbound[85952:b] info: resolving M.ROOT-SERVERS.NET. A IN
Sep 1 11:54:40
unbound[85952:b] info: priming . IN NS
Sep 1 11:54:40
unbound[85952:b] debug: return error response REFUSED
Sep 1 11:54:40
unbound[85952:b] debug: validator[module 0] operate: extstate:module_state_initial event:module_event_moddone
Sep 1 11:54:40
unbound[85952:b] info: validator operate: query M.ROOT-SERVERS.NET. A IN
Sep 1 11:54:40
unbound[85952:b] debug: iterator[module 1] operate: extstate:module_wait_subquery event:module_event_pass
Sep 1 11:54:40
unbound[85952:b] info: iterator operate: query . NS IN
Sep 1 11:54:40
unbound[85952:b] info: processQueryTargets: . NS IN
Sep 1 11:54:40
unbound[85952:b] debug: out of query targets – returning SERVFAIL
Sep 1 11:54:40
unbound[85952:b] debug: return error response SERVFAIL
Sep 1 11:54:40
unbound[85952:b] debug: validator[module 0] operate: extstate:module_state_initial event:module_event_moddone
Sep 1 11:54:40
unbound[85952:b] info: validator operate: query . NS IN
Sep 1 11:54:40
unbound[85952:b] debug: iterator[module 1] operate: extstate:module_wait_subquery event:module_event_pass
Sep 1 11:54:40
unbound[85952:b] info: iterator operate: query urs.smartscreen.microsoft.com. A IN
Sep 1 11:54:40
unbound[85952:b] info: processQueryTargets: urs.smartscreen.microsoft.com. A IN
Sep 1 11:54:40
unbound[85952:b] debug: Failed to get a delegation, giving up
Sep 1 11:54:40
unbound[85952:b] debug: return error response SERVFAIL
Sep 1 11:54:40
unbound[85952:b] debug: validator[module 0] operate: extstate:module_wait_module event:module_event_moddone
Sep 1 11:54:40
unbound[85952:b] info: validator operate: query urs.smartscreen.microsoft.com. A IN
Sep 1 11:54:40
unbound[85952:b] debug: cache memory msg=264377 rrset=264216 infra=19378 val=264424