pfsense dns cache? ping sends me to my server
-
So yesterday there appears to have been a dns issue with pkg.freebsd.org. It has since been resolved.
But now it seems like the firewall is mad and won't go back to normal.
If I try to ping pkg.freebsd.org it comes back to host unkown or if I try dns lookup it comes back with my server ip.
How do I get the firewall to stop sending requests to get pkg.freebsd.org to the abyss.
Mod Edit: removed public IPs
-
Tried doing a dns flush, still having the same issue
-
Well you are seeing no response from anything except 9.9.9.9. So anything cached is going to be there.
What do you expect that to resolve to? Are other devices resolving it correctly?Steve
-
@stephenw10
First my apologies.The timing of what happened could not have been worse for me.
I was trying to do a fresh install of a FreeBSD VM and all of the sudden I can't do pkg downloads. I could ping them with the other VMs (but they were not FBSD). I ended up trying from pfsense and got the same error. So I was convinced it was the firewall.
It wasn't
The issue was a DNS issue that literally flat lined pkg.freebsd.org
It wasn't even FBSD doing server maintenance. And to top it off the DNS issue was bad enough that it would not switch it to an alternate ip or location. Its enough to drive one crazy.
I found out through FBSD forums and their discord. It was bizarre because you could ping freebsd.org but not pkg.freebsd.org. And this happened when I was trying to build a machine off a boot only ISO. It was getting to the point where it seemed like Tequila was the only suitable answer but even my bartender doesn't understand Unix.
So thank you for putting with me on this one and my apologies for the trouble I caused.
-
@understudy said in pfsense dns cache? ping sends me to my server:
Tried doing a dns flush, still having the same issue
You understand you have a wildcard setup on your public dns right??
I can go to anything.yourdomain and get back that IP
;; QUESTION SECTION: ;lsjflsjdsf.brendhanhorne.com. IN A ;; ANSWER SECTION: lsjflsjdsf.brendhanhorne.com. 86400 IN A 104.x.x.xNot sure what that has to do with some issue freebsd dns was having?
-
@johnpoz
HiI did not. I will check the record and see if I can fix that. Thank you.
-
@understudy I don't normally post public IPs - but you were pretty open about it - just let me know if you would like me to remove the public IP from this thread.
That wildcard explains what you were seeing. Not a good idea to use the same public domain as your local, especially your going to have your clients use a search suffix with that domain, etc.
I would use say yourdomain.lan for local - or just use the new home.arpa domain, etc.
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
@johnpoz
I appreciate that if you would go ahead and remove it. I am looking at the DNS from the ISP now.Sincerely,
Brendhan -
@johnpoz The fun thing is the webserver behind the DMZ does vhosts so that is why there is a wildcard in the DNS for the domain.
