Resolver Stops Working
dma_pf last edited by dma_pf
I have an issue that I'm stumped on and need some help troubleshooting. I have pfsense setup with resolver as the dns server which does nor forward. Everything goes out to the root servers. I have a mix of some clients that are on a MS AD network and other that are not. Pfsense is the DCHP server for all clients. The AD clients have static IPs assigned by pfsense DCHP with the domain controller's IP set up as the DNS server so that routing can be done on the domain network. The AD DNS server has a forwarder to the pfsense box for non-resolvable (non-domain) addresses.
This has been working perfectly for a 6 to 8 months. About 6 weeks ago I had an issue where resolver was not resolving addresses. I was able to "fix" it by rebooting pfsense and everything has been working fine again until today.
Now I am having the same issue. Clients are not able to resolve addresses outside of the domain network and It happens to clients that are on the domain and non-domain machines. This leads me to believe that the issue is with resolver. When I go to status/services I have found that resolver is working and I have also found it in the disabled state. When it's disabled I've tried to restart it and the icon just spins ans spins. It appears that it does not completely start. I've rebooted pfsense a few times and it seems to clear things up but then starts to not be able to resolve again.
I've looked at the resolver logs and have not seen anything that seemed remarkable to me but I'm not sure I'm looking at the right things or that I have the expertise to really understand what I'm looking at.
So I'm kindly asking for some help in troubleshooting the issue. I'm on version 2.4.4-RELEASE-p3 and am running pfblockerng -devel 2.2.5_24
KOM last edited by
Services - DNS Resolver - Advanced Settings. Bump the log level from 1 to 2 or 3 and then try again. Do you happen to run the pfBlocker package?