Netgate Discussion Forum

    DNS Forwarder not resolving

    • marama

      Hi.
      I believe I don't quite understand how DNS on pfSense works.

      "System/General Setup/DNS Server Settings" is set to 8.8.8.8
      "Services/DNS Forwarder" is enabled.

      If I try to resolve local entries using the pfSense, it doesn't seem to work.

      nslookup localserver.domain.com 172.16.0.1 // (pfsense-ip)
      C:\Users\aaganovic>nslookup snipeit.parkside.at 172.16.0.1
      DNS request timed out.
      timeout was 2 seconds.
      Server: UnKnown
      Address: 172.16.0.1

      Any idea why?

      EDIT: Seems like it is not working only when the primary WAN (we are running a dual WAN setup) is down.

      • bingo600 @marama

        @marama
        Remember 8.8.8.8 does not know your local dns names.

        Why did you "fiddle" with the default DNS settings?
        pfSense by default comes with a much better possibility: to query locally and then the DNS A-Root servers. There is normally no reason to specify 8.8.8.8 on pfSense ...

        Specifying a public DNS server, that's for PCs that don't have a running resolver (unbound).

        Try to revert back to the default settings.

        /Bingo

        If you find my answer useful - Please give the post a 👍 - "thumbs up"

        pfSense+ 23.05.1 (ZFS)

        QOTOM-Q355G4 Quad Lan.
        CPU : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
        LAN : 4 x Intel 211, Disk : 240G SAMSUNG MZ7L3240HCHQ SSD

        • marama @bingo600

          @bingo600 I didn't fiddle with anything. We have split DNS with DNS forwarder and host overrides because of historical reasons. Back then, there was no "DNS resolver". I thought pfSense would first check if there is a host override in place, and if not, then it would query the public DNS server. That setup has been working for years now, and I didn't want to change anything, since it was running fine. Today, our primary WAN failed, the failover to secondary WAN worked, but DNS didn't play ball as pfSense failed to return any DNS queries (not overrides, not public).

          What would be the right approach here (involving the least risk of breaking something)?
          I guess I'd need to get rid of forwarder and switch to resolver, right?

          • bingo600 @marama

            @marama
            You are saying all your local name resolving is based on host overrides?
            That could be done with unbound (resolver) too.

            I have no experience with the DNS forwarder.

            Sorry

            /Bingo

