DNS configuration for LAN interface



  • Hi all, I've got what is hopefully an easy question.

    I have a laptop plugged into my LAN interface and can ping 8.8.8.8, 8.8.4.4 and other public IPs.
    I can ping my WAN interface, and I can ping the WAN upstream gateway.

    I can't however ping google.com or resolve anything from my laptop. What's interesting is under Diagnostics > Ping I can ping google just fine when I select LAN or WAN as the source. So I can't tell if this is a firewall rule issue, or a DNS issue

    I've allowed TCP/UDP traffic for port 53 on my LAN interface and am using DNS resolver. The WAN and LAN gateways show they are up.
    And the dashboard shows the following DNS servers:
    127.0.0.1
    75.75.75.75
    75.75.76.76
    8.8.8.8
    8.8.4.4

    Right now, the upstream gateway for my LAN is none. But if I change it to itself, it can no longer even ping 8.8.8.8 nor google.com from Diagnostics > Ping.
    What gives?



  • In Windows, if I go, PING -a NAME, and it returns an IP (whether ping successful or not) then DNS is resolving, and the prob is somewhere else.



  • When I do that I simply get:
    Ping request could not find host google.com. Please check the name and try again.

    So I can only ping raw public IPs. I don't understand how the LAN interface itself can ping google.com and my machine can't. When I run ipconfig/all
    I see that my machine is using the LAN's IP for Default gateway, DHCP server, and DNS server.



  • Everything looks normal, all I can think of is, u got some weird rule sitting there blocking stuff.



  • Honestly I very well could have messed up the rules so don't give me the benefit of the doubt. XD
    What I'm not sure of though is: should my DNS resolutions be getting routed through the WAN interface, or should it be happening via the LAN interface exclusively?

    I don't have an upstream gateway set on the LAN interface so it seems to have defaulted to routing through WAN. Just want to make sure that's normal.



  • "Normal" is, this :
    A device - a PC - on your LAN, hook it up as when it came out of the box :

    
    C:\Users\Réception-Gauche>ipconfig /all
    
    Configuration IP de Windows
    
    Carte Ethernet Connexion au réseau local :
    
       Description. . . . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
       DHCP activé. . . . . . . . . . . . . . : Oui
       Configuration automatique activée. . . : Oui
       Adresse IPv6\. . . . . . . . . . . . . .: 2001:470:1f13:5c0:2::c6(préféré)
       Bail obtenu. . . . . . . . . . . . . . : lundi 26 février 2018 06:45:20
       Bail expirant. . . . . . . . . . . . . : lundi 26 février 2018 08:45:20
       Adresse IPv6 de liaison locale. . . . .: fe80::75cd:7073:d0a4:bc7c%10(préféré)
       Adresse IPv4\. . . . . . . . . . . . . .: 192.168.1.6(préféré)
       Masque de sous-réseau. . . . . . . . . : 255.255.255.0
       Bail obtenu. . . . . . . . . . . . . . : mercredi 14 février 2018 10:25:15
       Bail expirant. . . . . . . . . . . . . : mardi 27 février 2018 06:45:19
       Passerelle par défaut. . . . . . . . . : fe80::212:3fff:feb3:5875%10
                                           192.168.1.1
       Serveur DHCP . . . . . . . . . . . . . : 192.168.1.1
       IAID DHCPv6 . . . . . . . . . . . : 246983791
       DUID de client DHCPv6\. . . . . . . . : 00-01-00-01-14-20-18-E3-B8-AC-6F-47-2C-77
       Serveurs DNS. . .  . . . . . . . . . . : 2001:470:1f13:5c0:2::1
                                           192.168.1.1
       NetBIOS sur Tcpip. . . . . . . . . . . : Activé
    

    So, gateway and DNS are set to 192.168.1.1 - my pfSense. This isfo was given to my PC by pfSense.

    pfSense : I never touched the DNS settings, use settings out of the box.
    Set up my WAN connection using DHCP-clientso it obtains an IP from my upstream ISP router, and done.

    My System => General Setup is pretty empty, I only set a host name and domain name for pfSense.
    On  Status => Dashboard => Status => Dashboard says for DNS server(s) : 127.0.0.1

    LAN firewall rule : a big pass all rule (TCP,UDP,ICMP,IPv4,IPv6)

    That's it.

    Actually, pfSense behaves exactly identical to any any other box that an ISP gives you : hook up to power, setup WAN, slide in a LAN cable and your online.
    Never actually understood why people want something from 8.8.8.8 or 8.8.4.4 …  ;)


Log in to reply