Netgate Discussion Forum

    No NTP Peers/local DNS resolution not working after 2.5.1

    General pfSense Questions
    • MikeV7896

      So, after upgrading to 2.5.1, I found myself with NTP reporting no NTP peers. I turned on the detailed logging, and it appears that DNS resolution within my pfSense box is not working.

      Apr 15 17:33:32	ntpd	46284	retrying DNS ntp.theforest.us: Name does not resolve (8)
      Apr 15 17:33:32	ntpd	46284	retrying DNS time-e-g.nist.gov: Name does not resolve (8)
      Apr 15 17:33:32	ntpd	46284	retrying DNS ntp-1.vt.edu: Name does not resolve (8)
      Apr 15 17:33:32	ntpd	46284	retrying DNS clock.nyc.he.net: Name does not resolve (8)
      

      I had no problems with NTP or DNS resolution prior to the upgrade to 2.5.1, and I can still resolve DNS just fine from hosts on my network, using just pfSense to do so. So I don't know why I can't resolve DNS within my pfSense box.

      Settings > General has just 127.0.0.1 as the DNS server, and it will not fall back to remote servers
      Services > DNS Resolver is set to listen for requests on all interfaces

      Edit to add: Status > DNS Resolver shows no statistics related to DNS resolution, as it has in the past.
      Edit 2: From a shell, I can dig @[lan IP] domain.com and it will resolve as expected. Without specifying the LAN IP as the server (which I assume will use localhost then, since that's what's in resolv.conf), it simply returns this:
      net.c:536: probing sendmsg() with IP_TOS=b8 failed: Can't assign requested address

      The S in IOT stands for Security

      • ahking19

        @virgiliomi I was able to get NTP working by disabling pfBlockerNG.

        Next I'll see if I can whitelist the NTP pools.

        • MikeV7896 @ahking19

          @ahking19 I'm pretty sure my issue is DNS resolution within my pfSense box... I don't want to provide IP addresses for my NTP servers though, as all of them have both IPv4 and v6 addresses, so I'd rather they use whichever is best.

          • MikeV7896 @MikeV7896

            Yep... this fixed it...

            https://forum.netgate.com/topic/162978/unbound-stop-working-on-127-0-0-1-after-2-5-1-upgrade

            • ahking19 @MikeV7896

              @virgiliomi

              > I don't want to provide IP addresses for my NTP servers though

              I wasn't using IP addresses. I was using pool names -> us.pool.ntp.org & time.cloudflare.com

              • ahking19 @MikeV7896

                @virgiliomi My problem seems different. Removing 127.0.0.1 from General | DNS Server and rebooting doesn't fix the issue.

                Stop pfBlockerNG and NTP peers show up.

                • running 21.02.2 on SG-1100
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.