Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNS periodic failure - with pfblocker installed.

    Scheduled Pinned Locked Moved DHCP and DNS
    25 Posts 4 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • johnpozJ
      johnpoz LAYER 8 Global Moderator
      last edited by johnpoz

      We have already gone into great detail on how to troubleshoot this and how a resolver works.

      if you are having issues resolving all .org domains... Then your isp is having issues talking to one of the NS for that tld

      ;; QUESTION SECTION:
;org.                           IN      NS

;; ANSWER SECTION:
org.                    86400   IN      NS      a0.org.afilias-nst.info.
org.                    86400   IN      NS      a2.org.afilias-nst.info.
org.                    86400   IN      NS      b0.org.afilias-nst.org.
org.                    86400   IN      NS      b2.org.afilias-nst.org.
org.                    86400   IN      NS      c0.org.afilias-nst.info.
org.                    86400   IN      NS      d0.org.afilias-nst.org.

      Seems odd that you would have issues talking to all of them? So query them directly for what your looking for.. Does it work?

      If your having issues resolve 1 org or a few of them then maybe you have issues just talking to the NS for those domains.

      If your having problems with your internet and resolving - then just freaking forward.l Or get another Isp, or bitch them that your connection sucks...

      Log your queries.. log your responses.. When you have a problem with domain X, what does your log show?

      server:
log-queries: yes
log-replies: yes

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.8, 24.11

      1 Reply Last reply Reply Quote 2
      • R
        reberhar
        last edited by

        For us of the original post we are relatively sure that the ISP is playing a part is this. We have rebuilt our systems and in the process were able to observe that the DNS problems did not really appear to be from any pfSense server. What's more we use the same ISP in another location. They have no pfSense server and they still suffer with DNS resolution problems.

        Thanks johnpoz.

        D R 2 Replies Last reply Reply Quote 0
        • D
          drewsaur @reberhar
          last edited by

          @reberhar That appears to be my case as well. The ISPs really seem to be playing DNS games to prepare themselves for the upcoming legislative activities.

          1 Reply Last reply Reply Quote 0
          • R
            reberhar @reberhar
            last edited by

            @reberhar There was an off comment about the traffic shaper in one post. I went through the traffic shaper today and found some odd items, some legacy things and some things that were probably changed as the mouse went by. There were a couple of conflicting items in all this. It now does appear that unbound in functioning well. I will answer back if this turns out not to be the case. I did bump up the DNS priority, but I am unsure if this works when Unbound is not forwarding.

            R 1 Reply Last reply Reply Quote 0
            • R
              reberhar @reberhar
              last edited by

              @reberhar Yes indeed my DNS is now reliable and fast. My problem with DNS was not the service provider or indeed in the DNS, but an error in the traffic shaper.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.