DNS resolver & DNSBL Enable… But DNS address could not be found.
-
Hallo,
Am trying to config DNSBL but when i try to visit a site i get:
This site can’t be reached
google.com’s server DNS address could not be found.
See my config here:
https://imgur.com/a/N7AqdPlz help.
Thnx
-
Do you get DNS resolution when pfBlockerNG is disabled?. Make sure that all DNS Servers under DNS Server Settings support DNSSEC Support.
You have enabled Register DHCP leases in the DNS Resolver, beware that this will reload Unbound when a new lease is generated. Depending on the size of your DNSBL db, the reload may takes minutes to complete with no DNS services during the reload.
Under DNS Feeds, the 3 feeds seems to be IP list and not domain name list. What happen when you do a Force Update or a Force Reload DNSBL ? There are probably errors generated in the pfblockerNG logs.
-
Hi RonpfS,
Thnx for your fast reply.
Do you get DNS resolution when pfBlockerNG is disabled?
Yes when i have Action Disable under Firewall > pfBlockerNG > DNSBL Feeds
You have enabled Register DHCP leases in the DNS Resolver, beware that this will reload Unbound when a new lease is generated.
Oh thank you i didn't know that part so a have it Disable now
the 3 feeds seems to be IP list and not domain name list
https://imgur.com/a/WIHVn
They are DN's containing txt list of IP's
-
the 3 feeds seems to be IP list and not domain name list
https://imgur.com/a/WIHVn
They are DN's containing txt list of IP'sThose URLs are for the IP Feeds, not for DNSBL.
-
Those URLs are for the IP Feeds, not for DNSBL.
Ooooooooh…. Now i get it! :o ;)
Thnx RonpfS
-
RonpfS, I put all ma list and more under Firewall > pfBlockerNG > IPv4. https://imgur.com/a/4efek
But I do still get:This site can’t be reached
google.com’s server DNS address could not be found.
And when I Disable pfBlockerNG completely e.g. it will start working back again.
What do am doing wrong?
-
If you don't have any DNSBL feed active, disable DNSBL in pfblockerNG.
Can't tell without more info. Do you ran a Force Update and Force Reload all after making the changes.
You have to dig into System Logs, Resolver Logs, Firewall logs, pfblockerng alerts and logs
-
I think i found the issue.
Some of my Lists are too aggressive.
-
Like firehole … https://forum.pfsense.org/index.php?topic=135257.0
-
Like firehole … https://forum.pfsense.org/index.php?topic=135257.0
Yes that was exactly the issue. So i turn that list OFF.
Thnx
