DNS Resolver stops running

  • I am running 2.4.4-p3 and about every month or two, the DNS resolver just stops running. when I go into the web GUI, all I have to do to fix it is just start the service. After that, everything works just fine. Is there a way to make it so I don't have to start the DNS resolver every month?


  • Probably by finding out what's making it crash and fixing it. Start by looking at the log via Status - System Logs - DNS Resolver.

  • When a process stops executing, it logs the reason why.
    So, the question is : what's in the logs ?

    unbound (the resolver) can restarted for several reasons. Several situations will restart - that is stop to start again - the resolver. pfSense has no code to stop the resolver - only the user (the admin with GUI access) can stop that process.
    So, tell us, what happened ?

    edit : as @KOM said ....

  • afeee650-0fbf-43ac-90fc-a1ecf87a7de0-image.png

    This what I have

  • That's only a 4-hour span from today. If it didn't crash in that time then there is nothing there in the WebGUI view.

    Shell in and check /var/log/resolver.log. It should have more history, and look specifically around the time that it crashed.

  • Screenshot (5).png

    What I highlighted is when I started the service. This actually happened today

  • Hmm, nothing there. Anything in the System log at 4:50:11 or just before?

  • Screenshot (6).png

    I think this is what caused the problem but I do not know how to fix this.

  • Your WAN goes down several times just before and after that moment. Why ? If this didn't happen, chances are good that your issue doesn't pop anymore - or far less.

    When such an event happens, many processes get restarted.

    Somehow, unbound (the resolver) gets stopped and started again, but during the start, a test is executed, to check if the settings file is ok. The test shows that ports (like 53 and/or 953 are still used by some process. This can only be the previous instance of unbound, probably still occupied to 'shut down'.

    There is a way to accelerate unbound stopping and starting : temporary, deactivate pfBlockerNG.

  • I am not sure why my WAN would go down. Could it be my ISP renewing my DHCP lease? This only happens once a month. So are you saying next time this happens, to disable my pfBlockerNG? I also just discovered that pfBlockerNG was behind one update. could that be the issue?

    Thank you,

  • It's isn't just a lease that expires. That's something like a high level notice of a connection.
    The kernel messages indicate a the connection really got interrupted, like you pulling the cable, or switching off and on the upstream device (ISP modem/router). It happened several times in less then x minutes.
    While something starts banging on the on/off switch, or a bad cable, or a NIC bad on either site, every time a whole lot of processes gets restarted.

    Actually quiet normal that unbound can't keep up with it.

    Anyway, just thinking out loud here.

  • I just did a wiggle check on the WAN cable and it seems to be just fine. Could it be Comcast trying to update their modem?

  • Comcast ?
    Now that's an ISP who is often mentioned on this forum.

    When it establishes an uplink connection, it needs some time.
    Using Interfaces -> WAN -> DHCP Client Configuration -> Advanced Configuration (check it) might help here.
    Use on or more of the option, you'll find the info in the forum.

  • @Gertjan said in DNS Resolver stops running:

    Using Interfaces -> WAN -> DHCP Client Configuration -> Advanced Configuration (check it) might help here.

    Where do I find this? sorry, I am new to the forum page.

  • pfSense settings menus !


  • I think it is fixed. Thank you @KOM and @Gertjan!

Log in to reply