Netgate Discussion Forum

    DNS forward issue

    DHCP and DNS
      aniodon

      Hello,

      I have a strange issue with my DNS resolver.

      My setup is as follows:

      Servers interface --> Active directory / DNS forward to PFSENSE -> PFSENSE DNS Resolver forward to my ISP DNS.

      In this setup, every server has DNS resolver OK. But there will be a moment where PFSENSE stops forwarding to my ISP, permanently, until I reboot pfsense.
      I use the DNS resolver, not the forwarder, and in the resolver I use the forwarder mode.
      I listen on all interfaces, and out to all. I just tried to listen to lan/localhost and out to carp wan, with no more luck.

      I can see when having the issue:

      • No DNS block in pfsense
      • DNS requests states from servers to my AD (ok)
      • DNS requests states from the AD to the pfsense LAN interface (ok). The states are MULTIPLE:MULTIPLE, with traffic ko in both ways
      • No DNS request to the ISP DNS IP (ko)
      • nslookup google.fr on my pfsense LAN IP (master or slave) or on the CARP IP, from one of my servers: KO
      • nslookup google.FR on my ISP IP from one of my servers: OK
      • I have NO stats in the DNS resolver Status on the primary pfsense (nothing written in cache speed and cache stats), and I have some stats on the slave.

      I have tried to:

      • Restart the DNS resolver: still having the issue
      • DNS lookup through the web UI: I have an answer from my ISP, it is OK (my pfsense is set up to use the DNS RESOLVER itself)
      • Read the resolver log: I do not see anything I ask in my log (i.e.: nslookup google.com --> no google.com found in log). I only see the requests done through the UI

      The only way to make it OK is to restart the pfsense.

      Please note, I have an AD in 2 nodes, and a CARP pfsense setup. My DNS settings are default, except the forward mode ticked.

      Would someone have an idea to point me to something to investigate?

      Appreciate your time,

      olivier

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.