DNS Resolver with Enable Forwarding Mode
-
Hello!
According to this documentation - https://www.netgate.com/docs/pfsense/dns/unbound-dns-resolver.html - the Enable Forwarding Mode checkbox only defines what dns servers - either root or some other upstream servers - will answer the quiries. But when I select this checkbox, DNS Resolver stops listening on 53 port (at least Diagnostic\Test Port displays "Connection Failed on the pfsense's port 53) and no dns quieries can be sent from the lan network to the pfsense's lan address (the pfsense itself does access the upstream servers correctly).
Is this behaviour by desing or anything works incorrectly?
Thank you in advance,
Michael
-
Check the resolver log. Odds are, you have some custom DNS Resolver option that ends up in the wrong context, which causes unbound to fail.
In the advanced options of the DNS resolver, add a line at the top that says
server:and then re-save.
-
Hi jimp,
"Odds are, you have some custom DNS Resolver option" - no, it's configuration is as out of box. The single change is selecting the "Enable Forwarding Mode" option. If I clear the resolver's log and apply the change the only log records would be
notice: init module 0: validator
notice: init module 1: iterator
info: start of service (unbound 1.7.3).From this point onwards unbound stops listening on port 53.
Regarding "add a line at the top that says server:" - sorry but I don't see a way to add any line in the Advanced tab - there are only fields to type something.
-
Not the advanced options tab, but here:
That's on the main DNS Resolver tab
