DNS Forwarder stopped forwarding to 188.8.131.52 and 184.108.40.206
I have a pfSense firewall with about 40 VLANs.
DNS Forwarder is enabled on the firewall and each VLAN is using the default GW as the DNS server.
DNS Forwarder was forwarding to 220.127.116.11 and everything was working fine for years until a few days ago.
The firewall stopped forwarding requests to 18.104.22.168. I was able to ping it but just couldn't resolve DNS queries using that address.
I changed it to 22.214.171.124 and everything started working again but a couple of days later, the same thing started happening with 126.96.36.199 as well. I can ping it but DNS queries are not resolving using that address and as a result, all my clients lost the internet.
I changed the DNS server address to DYN DNS and it is working again now. Who knows when it is going to stop again.
I have checked the firewall rules and I don't see anything that is stopping 188.8.131.52 or 184.108.40.206.
Has anyone experienced anything like this?
Thanks for your help again. Always appreciate it. :)
Are you certain it's not being blocked upstream?
Set your DNS servers back to 220.127.116.11/18.104.22.168 and then check a packet capture on WAN to see if the queries leave the firewall. If they leave but no response comes back, then it's probably your ISP blocking them.
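An added illustration of the check suggested above (not part of the original post, and not pfSense code): it pairs outbound DNS queries with replies in text output from a WAN capture and reports, per upstream server, whether anything came back. The capture lines and all addresses are constructed from documentation ranges, and `summarize` and `verdict` are hypothetical helper names.

```python
import re
from collections import defaultdict

# Constructed sample of `tcpdump -n -i <WAN interface> udp port 53` output.
# 203.0.113.10 stands in for the firewall's WAN address; 198.51.100.53 and
# 192.0.2.53 stand in for two upstream resolvers (none are from the thread).
SAMPLE = """\
12:00:01.000100 IP 203.0.113.10.51234 > 198.51.100.53.53: 4660+ A? example.com. (29)
12:00:01.021300 IP 198.51.100.53.53 > 203.0.113.10.51234: 4660 1/0/0 A 192.0.2.80 (45)
12:00:02.000100 IP 203.0.113.10.40001 > 192.0.2.53.53: 22136+ A? example.org. (29)
12:00:07.000400 IP 203.0.113.10.40001 > 192.0.2.53.53: 22136+ A? example.org. (29)
12:00:08.000100 IP 203.0.113.10.40002 > 192.0.2.53.53: 9029+ AAAA? example.net. (29)
"""

LINE = re.compile(
    r"IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"(?P<id>\d+)(?P<flags>[+%*|$-]*) (?P<rest>.*)"
)

def summarize(capture: str) -> dict:
    """Per upstream server: distinct queries sent and how many were answered."""
    pending = defaultdict(set)   # server -> {(client_port, dns_id)} awaiting reply
    stats = defaultdict(lambda: {"sent": 0, "answered": 0})
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        if m["dport"] == "53" and "?" in m["rest"]:      # outbound query
            key = (m["sport"], m["id"])
            if key not in pending[m["dst"]]:              # count retransmits once
                pending[m["dst"]].add(key)
                stats[m["dst"]]["sent"] += 1
        elif m["sport"] == "53":                          # inbound response
            key = (m["dport"], m["id"])
            if key in pending[m["src"]]:
                pending[m["src"]].discard(key)
                stats[m["src"]]["answered"] += 1
    return {server: dict(s) for server, s in stats.items()}

def verdict(s: dict) -> str:
    if s["answered"] == 0:
        return "queries left the firewall, no replies seen: look upstream"
    return "replies received"

if __name__ == "__main__":
    for server, s in summarize(SAMPLE).items():
        print(server, s, "->", verdict(s))
```

A server that never appears in the result had no queries leave the firewall toward it during the capture, which points back at the forwarder configuration rather than at the ISP.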
Thanks for your reply. Yes, I am certain because if I change the DNS server address to 22.214.171.124/126.96.36.199 on any of the computers, the internet works.
I will try packet capture and see what happens.
Any entries in the resolver log on pfSense?
Can you post screenshots of your DNS Resolver configuration?