Netgate Discussion Forum

    2.4.5 in testing, noticed domain override stopped working

      mcury

      Hi, I've been testing this new version, in a lab, and noticed that the domain override in DNS resolver stopped working.
      It happens from time to time.

      To solve it, I have to edit the domain override and save it again.

      This is just for information purposes to help the developers.
      In case you need further details, or tests that I can perform to help, just let me know.

      Version: 2.4.5.r.20200130.0307
      Device: sg-3100

      dead on arrival, nowhere to be found.

        jimp Rebel Alliance Developer Netgate

        Is it just the domain override that stops working? Nothing else? Other hosts resolve OK?

        Is the target server for the domain override local to you, or remote (either over WAN or VPN)?

        Any errors in the resolver log when it's failing?

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

          mcury

          Yes, just the domain override, nothing else stops working.
          I have a few Host Overrides that remain working, so the problem is only with the domain override.

          The target server is within my LAN, directly connected to pfSense.

          Didn't find any logs.

          I've noticed the problem during LDAP authentication to pfSense.
          Troubleshot it and found that it was working by IP.
          Went to Diagnostics > DNS Lookup, and it wasn't resolving the domain.

          So I've reapplied the DNS resolver domain override configuration, and it worked again.
          This already happened twice, and I'm not sure what is triggering it.

          The problem is happening right now, I can perform tests if you like, packet captures, not sure what would be the best approach.

            jimp Rebel Alliance Developer Netgate

            Do you have anything else configured that might be affecting the DNS Resolver configuration, like pfBlocker?

            I'm not aware of anything that would make only that one option fail.

              mcury

              No, pfblocker is uninstalled.

              Packages installed:

              Acme
              Avahi
              AWS-wizard
              ipsec profile wizard
              nut

                jimp Rebel Alliance Developer Netgate

                When it's not working, from an ssh shell prompt, try to resolve it locally:

                host -v blah. 127.0.0.1
                

                and perhaps:

                drill blah. @127.0.0.1
                

                In either case, blah. should be the actual hostname you are trying to look up. Be sure to include the trailing dot.

                  mcury

                  Ok, I'll do it; the thing is that it started to work again, without intervention this time.
                  I'll wait for the problem to begin again, and I'll perform those lookups as you suggested, and will update this topic.

                    mcury

                    The output follows:

                    [2.4.5-RC][root@pfSense.local.lan]/root: ping raspsrv.local.lan
                    ping: cannot resolve raspsrv.local.lan: Unknown host
                    
                    [2.4.5-RC][root@pfSense.local.lan]/root: ping 192.168.255.251
                    PING 192.168.255.251 (192.168.255.251): 56 data bytes
                    64 bytes from 192.168.255.251: icmp_seq=0 ttl=64 time=0.623 ms
                    ^C
                    --- 192.168.255.251 ping statistics ---
                    1 packets transmitted, 1 packets received, 0.0% packet loss
                    round-trip min/avg/max/stddev = 0.623/0.623/0.623/0.000 ms
                    
                    [2.4.5-RC][root@pfSense.local.lan]/root: host -v raspsrv.local.lan. 127.0.0.1
                    Trying "raspsrv.local.lan"
                    Trying "raspsrv.local.lan.local.lan"
                    Using domain server:
                    Name: 127.0.0.1
                    Address: 127.0.0.1#53
                    Aliases:
                    
                    Host raspsrv.local.lan not found: 3(NXDOMAIN)
                    Received 120 bytes from 127.0.0.1#53 in 0 ms
                    [2.4.5-RC][root@pfSense.local.lan]/root: drill raspsrv.local.lan. @127.0.0.1
                    ;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 36661
                    ;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
                    ;; QUESTION SECTION:
                    ;; raspsrv.local.lan.   IN      A
                    
                    ;; ANSWER SECTION:
                    
                    ;; AUTHORITY SECTION:
                    .       3463    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2020013003 1800 900 604800 86400
                    
                    ;; ADDITIONAL SECTION:
                    
                    ;; Query time: 0 msec
                    ;; SERVER: 127.0.0.1
                    ;; WHEN: Thu Jan 30 17:14:01 2020
                    ;; MSG SIZE  rcvd: 110
                    

                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
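
Added example, not part of the thread: a POSIX sh helper that classifies `drill` output for a name that a Domain Override should cover. An NXDOMAIN whose AUTHORITY SOA is owned by the root zone (`.`), as in the output posted above, means the negative answer originates from the root zone rather than from a server authoritative for the overridden domain. The function names and verdict strings are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): classify drill output read on stdin.
# Prints one verdict line; function names and verdict strings are hypothetical.
classify_drill() {
    awk '
        /->>HEADER<<-/ {
            # e.g. ";; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 36661"
            for (i = 1; i <= NF; i++)
                if ($i == "rcode:") { rcode = $(i + 1); sub(/,$/, "", rcode) }
        }
        /^[ \t]*;; AUTHORITY SECTION:/ { in_auth = 1; next }
        /^[ \t]*;; / { in_auth = 0 }
        # First SOA record in the authority section: remember its owner name.
        in_auth && $4 == "SOA" && soa == "" { soa = $1 }
        END {
            if (rcode == "") print "UNPARSED"
            else if (rcode == "NOERROR") print "RESOLVED"
            # Root-owned SOA: the name was looked up in the public DNS tree,
            # so the private name was not answered from the overridden zone.
            else if (rcode == "NXDOMAIN" && soa == ".") print "NXDOMAIN_FROM_ROOT"
            else if (rcode == "NXDOMAIN") print "NXDOMAIN_FROM_ZONE " soa
            else print "FAILED " rcode
        }'
}

# The drill output posted in the thread, with forum indentation removed.
sample_from_thread() {
cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 36661
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; raspsrv.local.lan.   IN      A

;; ANSWER SECTION:

;; AUTHORITY SECTION:
.       3463    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2020013003 1800 900 604800 86400

;; ADDITIONAL SECTION:
EOF
}

sample_from_thread | classify_drill
```

On the firewall itself the same function can be fed live output, for example `drill raspsrv.local.lan. @127.0.0.1 | classify_drill`.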