DNS Stops working
-
DNS randomly stops working, But Internet is accessible via IPs.
WAN
LAN
Guest
--------------------------------------------- Logs ------------------------------------------------------------------------------------------------
Jan 12 06:26:56 unbound 54403:3 debug: cache memory msg=66241 rrset=66072 infra=11045 val=66288 Jan 12 06:26:56 unbound 54403:3 debug: query took 0.000000 sec Jan 12 06:26:56 unbound 54403:3 debug: validator[module 0] operate: extstate:module_wait_module event:module_event_moddone Jan 12 06:26:56 unbound 54403:3 debug: mesh_run: validator module exit state is module_finished Jan 12 06:26:56 unbound 54403:3 debug: out of query targets -- returning SERVFAIL Jan 12 06:26:56 unbound 54403:3 info: G.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: processQueryTargets: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: opened UDP if=0 port=21482 Jan 12 06:26:56 unbound 54403:3 info: sending query: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: selrtt 376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.36.148.17 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: M.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: D.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 192.36.148.17 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 202.12.27.33 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 198.97.190.53 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: M.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: D.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: inserted new pending reply id=ed1b Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 193.0.14.129 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: G.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: processQueryTargets: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: opened UDP if=0 port=63276 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: K.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: B.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 notice: remote address is ip4 199.7.91.13 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: dnssec status: expected Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.7.91.13 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: processQueryTargets: targetqueries 0, currentqueries 0 sentcount 0 Jan 12 06:26:56 unbound 54403:3 debug: sending to target: <.> 193.0.14.129#53 Jan 12 06:26:56 unbound 54403:3 info: sending query: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.91.13 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: H.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 198.41.0.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: EDNS lookup known=0 vs=0 Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 202.12.27.33 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: H.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: processQueryTargets: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: opened UDP if=0 port=43361 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 198.97.190.53 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 198.41.0.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: D.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 192.58.128.30 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: close fd 22 Jan 12 06:26:56 unbound 54403:3 debug: serviced query UDP timeout=376 msec Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.91.13 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.9.14.201 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: F.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 debug: iter_handle processing q with state QUERY TARGETS STATE Jan 12 06:26:56 unbound 54403:3 debug: inserted new pending reply id=6e94 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 202.12.27.33 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 198.97.190.53 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.5.5.241 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: K.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: B.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 notice: remote address is ip4 192.5.5.241 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 198.97.190.53 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: M.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: D.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 192.112.36.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: inserted new pending reply id=ccc6 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 202.12.27.33 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.7.91.13 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: I.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: DelegationPoint<.>: 13 names (0 missing), 13 addrs (12 result, 0 avail) parentNS Jan 12 06:26:56 unbound 54403:3 notice: sendto failed: Network is unreachable Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.112.36.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.58.128.30 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.9.14.201 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: F.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: validator operate: query M.ROOT-SERVERS.NET. A IN Jan 12 06:26:56 unbound 54403:3 info: resolving M.ROOT-SERVERS.NET. A IN Jan 12 06:26:56 unbound 54403:3 debug: ip4 198.97.190.53 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: D.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: inserted new pending reply id=eecb Jan 12 06:26:56 unbound 54403:3 debug: attempt to get extra 2 targets Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.5.5.241 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: A.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 debug: dnssec status: expected Jan 12 06:26:56 unbound 54403:3 debug: attempt to get extra 2 targets Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: J.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: A.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 notice: remote address is ip4 193.0.14.129 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: sending to target: <.> 193.0.14.129#53 Jan 12 06:26:56 unbound 54403:3 info: sending query: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: ip4 202.12.27.33 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: H.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: processQueryTargets: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: F.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 debug: iter_handle processing q with state QUERY TARGETS STATE Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.7.91.13 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: G.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 202.12.27.33 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: inserted new pending reply id=b19d Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.5.5.241 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: J.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: DelegationPoint<.>: 13 names (0 missing), 13 addrs (6 result, 0 avail) parentNS Jan 12 06:26:56 unbound 54403:3 notice: sendto failed: Network is unreachable Jan 12 06:26:56 unbound 54403:3 debug: sending to target: <.> 192.112.36.4#53 Jan 12 06:26:56 unbound 54403:3 info: sending query: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.112.36.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: I.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: DelegationPoint<.>: 13 names (0 missing), 13 addrs (7 result, 0 avail) parentNS Jan 12 06:26:56 unbound 54403:3 notice: sendto failed: Network is unreachable Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: C.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 198.97.190.53 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: close fd 22 Jan 12 06:26:56 unbound 54403:3 debug: serviced query UDP timeout=376 msec Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.112.36.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: A.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 notice: remote address is ip4 199.9.14.201 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: dnssec status: expected Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.203.230.10 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: A.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 notice: sendto failed: Network is unreachable Jan 12 06:26:56 unbound 54403:3 debug: sending to target: <.> 198.41.0.4#53 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.112.36.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 202.12.27.33 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.112.36.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: L.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: C.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 debug: close of port 16840 Jan 12 06:26:56 unbound 54403:3 debug: EDNS lookup known=0 vs=0 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.112.36.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 193.0.14.129 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: G.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: processQueryTargets: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: comm point start listening 22 Jan 12 06:26:56 unbound 54403:3 info: sending query: . NS IN Jan 12 06:26:56 unbound 54403:3 debug: selrtt 376 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.91.13 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 198.97.190.53 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 198.97.190.53 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: M.ROOT-SERVERS.NET. * A Jan 12 06:26:56 unbound 54403:3 info: D.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 debug: iterator[module 1] operate: extstate:module_wait_subquery event:module_event_pass Jan 12 06:26:56 unbound 54403:3 info: new pside target L.ROOT-SERVERS.NET. A IN Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.58.128.30 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 198.41.0.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: D.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: serviced query UDP timeout=376 msec Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.33.4.12 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: G.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 debug: iter_handle processing q with state QUERY TARGETS STATE Jan 12 06:26:56 unbound 54403:3 debug: opened UDP if=0 port=14264 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 info: H.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 debug: opened UDP if=0 port=11893 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.112.36.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 192.36.148.17 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: M.ROOT-SERVERS.NET. * A Jan 12 06:26:56 unbound 54403:3 info: B.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 debug: dnssec status: expected Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.112.36.4 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 198.97.190.53 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: M.ROOT-SERVERS.NET. * A Jan 12 06:26:56 unbound 54403:3 info: C.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 info: error sending query to auth server ip4 192.58.128.30 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: close fd 22 Jan 12 06:26:56 unbound 54403:3 debug: EDNS lookup known=0 vs=0 Jan 12 06:26:56 unbound 54403:3 debug: rtt=376 Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.7.83.42 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 debug: ip4 199.7.91.13 port 53 (len 16) Jan 12 06:26:56 unbound 54403:3 info: H.ROOT-SERVERS.NET. * A PSIDE_A Jan 12 06:26:56 unbound 54403:3 debug: processQueryTargets: targetqueries 0, currentqueries 0 sentcount 0 Jan 12 06:26:56 unbound 54403:3 notice: sendto failed: Network is unreachable Jan 12 06:26:56 unbound 54403:3 debug: selrtt 376 Jan 12 06:26:56 unbound 54403:3 debug: servselect ip4 192.112.36.4 port 53 (len 16)
-
Hi,
DNS works from LAN, right after it's installed.
'Then you made some changes and things stopped working.'
I can see that :
You added another interface.
Changed - at least - the only firewall 'pass-all' rule present on the LAN interface.What are your LAN and QUEST firewall rules ?
Did you change any DNS settings ? -
@Gertjan
The last two interfaces have no rules. -
Remove "WAN_DHCP" here ....
The QUEST network seems fine.
-
@Gertjan Just to let you know DNS stops working on Lan, and guest. I have removed the WANDHCP I'll monitor for few days to see if that happens again or not, thanks
-
I guess you know what you did here (LAN) :
DNS traffic is allowed to go to to IP 168.168.40.1 (you did not mention where this IP is : on LAN ? On some other LAN ? - I presume it's some DNS server - looking at the traffic counter, traffic is send to that DNS server)
The alias "Playstation" (You did not mention if the Playstation does work well - presume, looking at the traffic counters, it does show traffic)
Your DNS block rule works .... and that's why you said "DNS stops working".
(so : remove this rule and you'll be fine ^^)Just a question : take any device on your LAN, a PC, and type
ipconfig /all
What is the DNS it's using ?
Related question : does your DHCP hands over the correct (= 168.168.40.1 )DNS ? -
@Gertjan 192.168.40.1 is pfsense box ip, I am using it pfblockerng on it, what's why I made those rules, but when DNS stops working PlayStation also are affect, entire lan and guest is effected. This issue doesn't happens all the time, it's like once a week it occurs.
-
@manjotsc said in DNS Stops working:
192.168.40.1 is pfsense box ip
Tip : use the build in alias "Firewall itself" (the first in the list).
@manjotsc said in DNS Stops working:
it's like once a week it occurs.
At that moment, check if unbound, the DNS resolver on pfSense is actually running.
The best way to do that is using console or SSH access, and type[2.4.4-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: ps ax | grep unbound 76224 - S 0:55.87 /usr/local/sbin/lighttpd_pfb -f /var/unbound/pfb_dnsbl_lighty.conf 83945 - Ss 17:13.80 /usr/local/sbin/unbound -c /var/unbound/unbound.conf 66966 0 S+ 0:00.00 grep unbound
As you can see, mine is running for** 17 hours and 13 minutes.
Also, check the GUI DNS logs : was unbound restarted ? How long did it take ?
** edit : see remark @johnpoz below
-
That is showing you cpu time, not elapsed clock time ;)
If you want to see etime you have to call that out..
example - find the pid
[2.4.4-RELEASE][admin@sg4860.local.lan]/root: ps ax | grep unbound 33787 - Is 0:41.49 /usr/local/sbin/unbound -c /var/unbound/unbound.conf 25758 0 S+ 0:00.00 grep unbound [2.4.4-RELEASE][admin@sg4860.local.lan]/root: ps -p 33787 -o etime ELAPSED 1-23:27:48 [2.4.4-RELEASE][admin@sg4860.local.lan]/root: ps -p 33787 -o etimes ELAPSED 170882 [2.4.4-RELEASE][admin@sg4860.local.lan]/root:
Then ask for etime or etimes (which will be in seconds)
-
Nice - thanks.
[2.4.4-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: ps ax | grep unbound 76224 - S 0:55.96 /usr/local/sbin/lighttpd_pfb -f /var/unbound/pfb_dnsbl_lighty.conf 83945 - Ss 17:22.86 /usr/local/sbin/unbound -c /var/unbound/unbound.conf 98238 0 S+ 0:00.00 grep unbound [2.4.4-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: ps -p 83945 -o etime ELAPSED 4-00:48:20
4 days .... ok for me.
-
-
-
well in means its restarting - do you have it registering dhcp? Did you just make a change to host or domain overrides... Did pfblocker update, etc..
Problem is when restarts cache is lost, while its restarting nothing can respond to dns, etc.
-
-
-
@manjotsc said in DNS Stops working:
" do you have it registering dhcp?
Do you have checked this one :
If so, when a new lease is asked and granted, the Resolver is restarted.
Compare DHCP logs and DNS Resolver log. You can see it happen.If you have a device that insists in asking a new DHCP lease every xx minutes, then yes, your Resolver get's restarted every xx minutes. Something you do not want at all ...
@manjotsc said in DNS Stops working:
Maybe because it set to every hour,
So you get what you want : a guaranteed Resolver restart every hour.
And the risk that feed servers are blacklisting your download attempts.@manjotsc said in DNS Stops working:
Now when I start downloading something file large files, DNS stops working.
Loading some file from the net doesn't use the DNS.
In the beginningt, the URL of the file is resolved. The IP connection is made, and packets just stream through the router/firewall.
Whatever the Resolver is doing at that moment, it has nothing to do with this data stream.If you want to look for system instability :
Remove ALL packages.
Check for 'strange' system messages : enter the console, option 8 and type "dmesg". See if new logs are added. Are they NIC related ? -
@Gertjan DHCP Registration, is not checked.
-
@Gertjan This is what I am getting on logs,
----------------------------------------------- Before Reboot ---------------------------------------------
--------------------------------------------- After Reboot -------------------------------------------------
-
@manjotsc said in DNS Stops working:
This is what I am getting on logs,
Both logs show a lot of what happens during DNS resolving.
Logging as much info - note that both logs images show lines that all took please in 1 second (!!).
Logging this much info really takes a hit on the system.
DNS resolving over port 853 (TLS) implies huge processing, because everything has to be encrypted - en of course decrypted - re encrypted on the other side. Reply times like 0.120 seconds or 120 milliseconds become 'normal'.
You do have AES-NI, but, still SDNS takes more time then classic DNS.Do you have to supply 8.8.8.8 and 1.1.1.1 your private DNS info ? Please remember : these are companies. The fact that they don't bill you is because you gave them valuable info. Do you have to ? Did you try other DNS sources, like the official Internet DNS root servers ?
Another thing : do the http://www.dslreports.com/speedtest test.
No A's means : .... would you experience right now .... the WAN connection gets congested.
-
@Gertjan Can you help me find Root DNS servers, I made searchg, couln't find.
Thanks,