Pkg.pfsense.org - DNS Record not found



  • Can't check/install updates?

    pkg-static install -f pkg
    pkg-static: Warning: Major OS version upgrade detected.  Running "pkg-static install -f pkg" recommended
    Updating pfSense-core repository catalogue…
    pkg-static: Repository pfSense-core load error: access repo file(/var/db/pkg/repo-pfSense-core.sqlite) failed: No such file or directory
    pkg-static: https://pkg.pfsense.org/pfSense_v2_4_2_amd64-core/meta.txz: No address record
    repository pfSense-core has no meta file, using default settings
    pkg-static: https://pkg.pfsense.org/pfSense_v2_4_2_amd64-core/packagesite.txz: No address record
    Unable to update repository pfSense-core
    Updating pfSense repository catalogue…
    pkg-static: Repository pfSense load error: access repo file(/var/db/pkg/repo-pfSense.sqlite) failed: No such file or directory
    pkg-static: https://pkg.pfsense.org/pfSense_v2_4_2_amd64-pfSense_v2_4_2/meta.txz: No address record
    repository pfSense has no meta file, using default settings
    pkg-static: https://pkg.pfsense.org/pfSense_v2_4_2_amd64-pfSense_v2_4_2/packagesite.txz: No address record
    Unable to update repository pfSense
    Error updating repositories!

    dig pkg.pfsense.org

    ; <<>> DiG 9.11.2 <<>> pkg.pfsense.org
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46562
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;pkg.pfsense.org.              IN      A

    ;; AUTHORITY SECTION:
    pfsense.org.            20      IN      SOA    ns1.netgate.com. admin.netgate.com. 201608322 3600 7200 1209600 3600

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Fri Jan 26 15:17:22 CET 2018
    ;; MSG SIZE  rcvd: 101

    https://www.tcpiputils.com/search?q=pkg.pfsense.org

    https://mxtoolbox.com/SuperTool.aspx?action=a%3Apkg.pfsense.org

    http://downforeveryoneorjustme.com/pkg.pfsense.org

    pkg.pfsense.org has no DNS record?



  • It uses SRV records to find out the mirror sites:

    
    $ dig _http._tcp.pkg.pfsense.org SRV
    
    ; <<>> DiG 9.11.2 <<>> _http._tcp.pkg.pfsense.org SRV
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9926
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;_http._tcp.pkg.pfsense.org.    IN      SRV
    
    ;; ANSWER SECTION:
    _http._tcp.pkg.pfsense.org. 40  IN      SRV     10 10 80 files00.netgate.com.
    _http._tcp.pkg.pfsense.org. 40  IN      SRV     10 10 80 files01.netgate.com.
    
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Fri Jan 26 16:28:20 EET 2018
    ;; MSG SIZE  rcvd: 133
    
    


  • Oh okay I see, but how to tell pkg should use the mirror sites via SRV record?

    /edit

    Okay got it working by adding a dns record to unbound like:

    pkg.pfsense.org 162.208.119.41


  • Rebel Alliance Global Moderator

    No and No…



  • @johnpoz:

    No and No…

    I would be deeply grateful, If you could me explain a little bit more.


  • Rebel Alliance Global Moderator

    The system should resolve the SRV record on its own.. So you either have a problem resolving that?  Or it seems your version is outdated?

    "Repository pfSense-core load error: access repo file(/var/db/pkg/repo-pfSense-core.sqlite) failed: No such file or directory"

    You seem to have a problem there

    And you get this error.
    "pkg-static: Warning: Major OS version upgrade detected."

    What version of pfsense are you running?  Do a query for the SRV record.. Does it resolve or not?

    dig _https._tcp.pkg.pfsense.org SRV

    
    [2.4.2-RELEASE][root@sg4860.local.lan]/: dig _https._tcp.pkg.pfsense.org SRV
    
    ; <<>> DiG 9.11.2 <<>> _https._tcp.pkg.pfsense.org SRV
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56803
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;_https._tcp.pkg.pfsense.org.   IN      SRV
    
    ;; ANSWER SECTION:
    _https._tcp.pkg.pfsense.org. 3600 IN    SRV     10 10 443 files01.netgate.com.
    _https._tcp.pkg.pfsense.org. 3600 IN    SRV     10 10 443 files00.netgate.com.
    
    ;; AUTHORITY SECTION:
    pfsense.org.            3600    IN      NS      ns2.netgate.com.
    pfsense.org.            3600    IN      NS      ns1.netgate.com.
    
    ;; Query time: 70 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Fri Jan 26 10:01:15 CST 2018
    ;; MSG SIZE  rcvd: 181
    
    [2.4.2-RELEASE][root@sg4860.local.lan]/:
    
    

    Or try the http record

    dig _http._tcp.pkg.pfsense.org SRV

    
    [2.4.2-RELEASE][root@sg4860.local.lan]/: dig _http._tcp.pkg.pfsense.org SRV 
    
    ; <<>> DiG 9.11.2 <<>> _http._tcp.pkg.pfsense.org SRV
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49286
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;_http._tcp.pkg.pfsense.org.    IN      SRV
    
    ;; ANSWER SECTION:
    _http._tcp.pkg.pfsense.org. 3600 IN     SRV     10 10 80 files01.netgate.com.
    _http._tcp.pkg.pfsense.org. 3600 IN     SRV     10 10 80 files00.netgate.com.
    
    ;; AUTHORITY SECTION:
    pfsense.org.            3600    IN      NS      ns1.netgate.com.
    pfsense.org.            3600    IN      NS      ns2.netgate.com.
    
    ;; Query time: 41 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Fri Jan 26 10:02:08 CST 2018
    ;; MSG SIZE  rcvd: 180
    
    [2.4.2-RELEASE][root@sg4860.local.lan]/:
    
    


  • Thank you for the detailed explanation.

    I was trying to do a upgrade from 2.3.5-RELEASE-p1 to 2.4.2-RELEASE and have now a broken Frankenstein system, half of it is 2.3.5 and the other half is 2.4.2.  :o

    Looks like a common problem, if you search the forum.


  • Rebel Alliance Global Moderator

    I would do a clean install and then restore from your backup.