DNS stopped working completely



  • Hi, I've been having really bad issues with the DNS Resolver unbound service where it will constantly try to restart and fail to do so. I ended up disabling the service altogether and just specifying a DNS server but it seems pfsense has lost all ability to use name resolution at all. With everything related disabled and just reaching out to a public DNS it will work for about 10 minutes then fail to resolve anything. Unfortunately nothing seems to actually be failing that I can see so the logs dont have anything to explain it.



  • Well, you always need a some DNS, if you want "URL's" (host names) to be converted in IP addresses.
    If even the DNS server down the road doesn't work for you, you have a pretty solid proof that your issue isn't DNS related at all, it's more the quality of your connection.

    Btw : you do not need to use the DNS resolver or cache that is proposed by pfSense : you can setup your devices with a DNS that specified yourself - instead of getting one from DHCP, set it to 8.8.8.8. In that case, your device will not use pfSense for any DNS requests, but contact some other DNS service.

    But : consider this : if the Resolver doesn't work, consider your underlying Internet connection pretty broken. Let's face it : if you can't contact one of the 11 main Internet "index" servers, you can't resolve anymore. The protocol being used is a couple of decades old, and rather well tested.
    The resolver used by pfSense (unbound) is used by billions at this very moment.

    @walrusmann said in DNS stopped working completely:

    try to restart and fail to do so.

    The resolver, unbound, using default settings, uses a small startup settings file, and will even run quiet well on a ten years old processor - and little memory.
    But you could 'kill' it right away by adding adding and using pfSense packages that add thousands, if not millions of lines, to the settings file : packages like pfBlocker-ng(devel), just to mention one, can make unbound to load very slowly, or have it crashed. Because you did not added resources like CPU power or more memory to do it's job.
    Easy to test what the issue is : just run pfSense with the default settings, throw away all the stuff you added yourself and you see everything works again.
    Now, you'll be needing no-one to draw your conclusions ^^

    edit : aha : you are actually using pfBlockerNG devel ?
    Save (export) your settings, and then goto default without exceptions. You'll be fine then.



  • @Gertjan thanks for the response. I do not have any packages installed as I have reset to default settings. I took pfsense out altogether and I seem to get connection through a store bought router. When i go through pfsense though, the connection goes in and out constantly but network connectivity and the WAN ip stay good.


Log in to reply