Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    filterdns failed to resolve host will retry later again.

    DHCP and DNS
    3
    16
    723
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bcruze last edited by bcruze

      full message is:

      filterdns failed to resolve host 192.168.1.1.253 will retry later again.

      that address is not pingable. it was finding a LIFX bulb. since this started i have changed the ip address to another static ip address. put the bulb back on dhcp it has a new address is pingable. the light bulb works. but the dns resolver logs says this constantly

      i have tried this fix: https://forum.netgate.com/topic/59108/filterdns-problems-after-a-typo-in-an-alias

      and it is still an issue. suggestions? i have rebooted the firewall. done everything i know i can do
      i did have a few DNS resolver advanced configuration options checked: they are disabled now
      query name minimization
      prefetch dns support
      prefetch dns key support
      harden dnssec data. (this gave me an error in TRYING to turn off) even though i don't even have DNSSEC enabled on the previous page.

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        and what exactly is in your
        /var/etc/filterdns.conf

        Do say a
        cat /var/etc/filterdns.conf

        Do you still see that typo.. 192.168.1.1.253 is not a valid IP address.

        1 Reply Last reply Reply Quote 0
        • B
          bcruze last edited by

          pf 192.168.1.1.253 lifx
          pf 192.168.1.251/32 lifx
          pf 192.168.1.252/32 lifx

          is the full filterdns.conf file
          can i just delete these entry's ?

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            So the fix you said you did would of done that it would of removed the whole file.

            Do you still have that typo in your alias?

            1 Reply Last reply Reply Quote 1
            • B
              bcruze last edited by

              that gave me the information to fix this i believe. i deleted the alias entirely.

              thank you Sir

              1 Reply Last reply Reply Quote 0
              • johnpoz
                johnpoz LAYER 8 Global Moderator last edited by

                so now your filterdns.conf only shows what you want in there?

                1 Reply Last reply Reply Quote 0
                • B
                  bcruze last edited by

                  i deleted the incorrect alias, and applied

                  it still shows :

                  pf 192.168.1.1.253 lifx
                  pf 192.168.1.251/32 lifx
                  pf 192.168.1.252/32 lifx

                  should i just remove all three lines?

                  Gertjan 1 Reply Last reply Reply Quote 0
                  • Gertjan
                    Gertjan @bcruze last edited by

                    @bcruze said in filterdns failed to resolve host will retry later again.:

                    i deleted the incorrect alias, and applied

                    it still shows :

                    pf 192.168.1.1.253 lifx
                    pf 192.168.1.251/32 lifx
                    pf 192.168.1.252/32 lifx

                    should i just remove all three lines?

                    The file
                    /var/etc/filterdns.conf
                    is build with the info setup in the GUI.

                    If
                    /var/etc/filterdns.conf
                    contains wrong things, like "192.168.1.1.253" (which is not a valid IPv4 so it probably treats it as a FQDN, and that will fail).

                    Btw : IMHO there is no need to 192.resolve 168.1.251/32 because it's already an IPv4 ....

                    johnpoz 1 Reply Last reply Reply Quote 0
                    • B
                      bcruze last edited by

                      understood. but i deleted it from the GUI, and it still remained in the file. i manually deleted it from the file.

                      Gertjan 1 Reply Last reply Reply Quote 0
                      • Gertjan
                        Gertjan @bcruze last edited by

                        @bcruze said in filterdns failed to resolve host will retry later again.:

                        i manually deleted it from the file.

                        That file, as any other settings-file will be regenerated by the pfSense-GUI.
                        You can't really edit these files, your edits will be overwritten with the GUI settings.

                        Run this 'magic' command in the console (after option 8) to check if any references exists in your GUI settings :

                        grep '192.168.1.1.253' /cf/conf/config.xml
                        

                        If it doesn't return anything, then "192.168.1.1.253" doesn't exist in the GUI.
                        If it does, show us the results ....

                        1 Reply Last reply Reply Quote 0
                        • johnpoz
                          johnpoz LAYER 8 Global Moderator @Gertjan last edited by

                          @Gertjan said in filterdns failed to resolve host will retry later again.:

                          Btw : IMHO there is no need to 192.resolve 168.1.251/32 because it's already an IPv4 ....

                          Yeah I am curious as well - what exact alias type are you putting these IPs in?

                          1 Reply Last reply Reply Quote 0
                          • B
                            bcruze last edited by bcruze

                            i have 2 tunnels setup. but i wanted to setup the lights to go over the WAN instead of the tunnels.

                            so i created an alias called lifx and added the lights on the network. then under firewall > rules > lan added the alias and changed the default gateway to WAN.

                            so to fully answer your question i was assigning static IP addresses out of my DHCP pool range. and yes it was pretty high up there..

                            1 Reply Last reply Reply Quote 0
                            • johnpoz
                              johnpoz LAYER 8 Global Moderator last edited by

                              Yeah ok there are lots of reasons for alias - is the bad entry now gone from filterdns.conf ?

                              1 Reply Last reply Reply Quote 0
                              • B
                                bcruze last edited by

                                after i manually removed it from the file yes

                                1 Reply Last reply Reply Quote 0
                                • johnpoz
                                  johnpoz LAYER 8 Global Moderator last edited by

                                  So here is the thing filter dns only updates so often, so it would of prob cleared itself out after you corrected the typo or removed the entry.

                                  But as long as its cleared and the other stuff you want in the alias is listed you should be good.

                                  1 Reply Last reply Reply Quote 1
                                  • B
                                    bcruze last edited by

                                    thank you. you originally gave me the information to fix in i believe you 2nd post.
                                    this is resolved

                                    1 Reply Last reply Reply Quote 0
                                    • First post
                                      Last post

                                    Products

                                    • Platform Overview
                                    • TNSR
                                    • pfSense
                                    • Appliances

                                    Services

                                    • Training
                                    • Professional Services

                                    Support

                                    • Subscription Plans
                                    • Contact Support
                                    • Product Lifecycle
                                    • Documentation

                                    News

                                    • Media Coverage
                                    • Press
                                    • Events

                                    Resources

                                    • Blog
                                    • FAQ
                                    • Find a Partner
                                    • Resource Library
                                    • Security Information

                                    Company

                                    • About Us
                                    • Careers
                                    • Partners
                                    • Contact Us
                                    • Legal
                                    Our Mission

                                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                    Subscribe to our Newsletter

                                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                    © 2021 Rubicon Communications, LLC | Privacy Policy