Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    dns resolver stop problem!

    DHCP and DNS
    dns resolver dns forwarder
    3
    6
    1.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      enesas
      last edited by

      The DNS resolver stops itself when there is an internet disconnection on the modem to which pfsense is connected. and it has to be started manually each time.
      why is he doing this?
      maybe it will be silly but do we have to use dns resolver?
      why no internet without it?

      S GertjanG 2 Replies Last reply Reply Quote 0
      • S
        SteveITS Rebel Alliance @enesas
        last edited by

        @enesas I haven't experienced that but have seen other reports, e.g.
        https://forum.netgate.com/topic/172670/local-dns-stops-working-if-wan-goes-down

        The DNS Resolver is not required. pfSense needs DNS to check for updates, and of course LAN devices need DNS. You can stop Resolver, configure external DNS in System/General, and configure PCs to use some other DNS server.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote ๐Ÿ‘ helpful posts!

        E 1 Reply Last reply Reply Quote 0
        • E
          enesas @SteveITS
          last edited by

          @steveits system>general also dns is assigned. But I have blocked other dns requests outside the firewall. To take advantage of pfblocker.
          if i delete pfsense dns forwarding rule can i use pfblocker?

          S 1 Reply Last reply Reply Quote 0
          • S
            SteveITS Rebel Alliance @enesas
            last edited by

            @enesas If you're using pfBlocker's DNSBL feature, that uses DNS Resolver to function. Other pfBlocker features like block feeds do not.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote ๐Ÿ‘ helpful posts!

            1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan @enesas
              last edited by Gertjan

              @enesas said in dns resolver stop problem!:

              The DNS resolver stops itself when there is an internet disconnection on the modem to which pfsense is connected.

              When the modem looses it's uplink connection, what happens to it's LAN interface (== pfSense WAN) ?
              And at the same time, what does the system logs tell you ?

              It's years for me when I last used a modem, but back then, when the uplink, cable type or DSL died, the modem also took down its LAN interface. That's understandable, as this is the only way to signal the down stream device (nearly always a router, like pfSense these days) that the connection is lost.
              The pfSEnse resolver, unbound, is 'bound' to the WAN interface as this is the outgoing interface so unbound can question domain name servers on the Internet : that's it's job.
              If the WAN interface goes down, unbound will get stopped.
              It would / should get started again as soon as the pfSense WAN (== the modems uplink and it's LAN interface) comes up again.

              If WAN stays down for a longer time : consider changing ISP.

              A trick : get a 5$ 2 port switch.
              Put it between your modem's LAN port and the pfSense LAN port.
              This switch, as pfSEnse, and the modem, should be fed and protected by an UPS.

              Now, when the modem (ISP) goes down again, your WAN on pfSense stays up, unbound keeps on running, although it wouldn't be able to resolve non local domains any more for the duration.

              Using a switch could also have some disadvantages.
              Like : pfSense can't see when the connection goes down, and because you use a modem, it should probably re negotiate a connection like PPPOE to re enable the connection to the ISP.

              Normally, 'dpinger' should detect this situation : see System > Routing > Gateways > Edit (select your WAN).
              If dpinger detects a longer loss of pings, it will bump the WAN, thus restarting also the PPPOE or DHCP-client (and restating unbound etc).

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              E 1 Reply Last reply Reply Quote 0
              • E
                enesas @Gertjan
                last edited by

                @gertjan -After Wan is active, DNS resolver does not start automatically.

                We will review your suggestions.
                thank you

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post