DNS Forwarder stopped forwarding to 184.108.40.206 and 220.127.116.11
I have a pfSense firewall with about 40 VLANs.
DNS Forwarder is enabled on the firewall and each VLAN is using the default GW as the DNS server.
DNS Forwarder was forwarding to 18.104.22.168 and everything was working fine for years until a few days ago.
The firewall stopped forwarding requests to 22.214.171.124. I was able to ping it but just couldn't resolve DNS queries using that address.
I changed it to 126.96.36.199 and everything started working again but a couple of days later, the same thing started happening with 188.8.131.52 as well. I can ping it but DNS queries are not resolving using that address and as a result, all my clients lost the internet.
I changed the DNS server address to DYN DNS and it is working again now. Who knows when it is going to stop again.
I have checked the firewall rules and I don't see anything that is stopping 184.108.40.206 or 220.127.116.11.
Has anyone experienced anything like this?
Thanks for your help again. Always appreciate it. :)
Are you certain it's not being blocked upstream?
Set your DNS servers back to 18.104.22.168/22.214.171.124 and then check a packet capture on WAN to see if the queries leave the firewall. If they leave but no response comes back, then it's probably your ISP blocking them.
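An added example (not part of the thread and not pfSense code) that applies the check described above to a saved text capture: it pairs each outbound DNS query with its reply by server, client port and transaction ID, then reports per upstream server whether queries left WAN and whether anything came back. The capture lines, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample of `tcpdump -n udp port 53` text output taken on WAN.
# 203.0.113.10 stands in for the firewall's WAN address; 198.51.100.1/.2/.3
# stand in for upstream DNS servers (documentation address ranges).
SAMPLE_CAPTURE = """\
10:15:01.100000 IP 203.0.113.10.40001 > 198.51.100.1.53: 4660+ A? example.com. (29)
10:15:02.100000 IP 203.0.113.10.40001 > 198.51.100.1.53: 4660+ A? example.com. (29)
10:15:03.200000 IP 203.0.113.10.40002 > 198.51.100.1.53: 4661+ AAAA? example.org. (29)
10:15:04.000000 IP 203.0.113.10.40003 > 198.51.100.2.53: 4662+ A? example.net. (29)
10:15:04.030000 IP 198.51.100.2.53 > 203.0.113.10.40003: 4662 1/0/0 A 192.0.2.80 (45)
"""

# Captures: src address, src port, dst address, dst port, DNS transaction ID.
LINE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): (\d+)"
)

def pair_queries(capture_text):
    """Map (server, client_port, txid) -> True if a reply was captured."""
    queries = {}
    for line in capture_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a DNS line in the expected format
        src, sport, dst, dport, txid = m.groups()
        if dport == "53":  # outbound query; retransmits count once
            queries.setdefault((dst, sport, txid), False)
        elif sport == "53" and (src, dport, txid) in queries:
            queries[(src, dport, txid)] = True  # reply to an earlier query
    return queries

def diagnose(capture_text, servers):
    """Return {server: verdict} for each configured upstream server."""
    queries = pair_queries(capture_text)
    result = {}
    for server in servers:
        answers = [ok for (dst, _, _), ok in queries.items() if dst == server]
        if not answers:
            result[server] = "no queries left WAN"
        elif not any(answers):
            result[server] = "queries left WAN, no replies"
        else:
            result[server] = f"{sum(answers)}/{len(answers)} queries answered"
    return result

if __name__ == "__main__":
    upstreams = ["198.51.100.1", "198.51.100.2", "198.51.100.3"]
    for server, v in diagnose(SAMPLE_CAPTURE, upstreams).items():
        print(server, "->", v)
```

A "no queries left WAN" verdict points back at the firewall or forwarder configuration, while "queries left WAN, no replies" points at something beyond the firewall.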
Thanks for your reply. Yes, I am certain because if I change the DNS server address to 126.96.36.199/188.8.131.52 on any of the computers, the internet works.
I will try packet capture and see what happens.
Any entries in the resolver log on pfSense?
Can you post screenshots of your DNS Resolver configuration?