Some TLDs not resolving in pfSense
-
Hey there, so I have had periodic issues with some sites partially working and today I think I may have found the cause of some of the issues.
Today I was directed to a link at http://dev.to that was not working. when I go to the site on my home network I get an NXDOMAIN.
nslookup dev.to Server: SG2100.home.local Address: 192.168.10.1 *** SG2100.home.local can't find dev.to: Server failed
but if I change the resolver to google it works.
nslookup dev.to 8.8.8.8 Server: dns.google Address: 8.8.8.8 Non-authoritative answer: Name: dev.to Addresses: 151.101.130.217 151.101.66.217 151.101.194.217 151.101.2.217
The SG2100 is 192.168.10.1 and it obviously answers itself, albeit after 452ms?
Also works on the same machine if I connect to one of my hotspots (thus not on the pfSense network)
In the Status / DNS Resolver I see the zone
and in the Status/SystemLogs/DNS Resolver I dont see anything of note.
On this paticular system I only have the following packages installed:
- ACMD
- iperf
- WireGuard
So no filtering that I am aware of. and the firewall rules are basically all open.
Any ideas why this might be happening?
Thanks
-
Well, that sucks. As soon as I send this message it started working.
Must have been when I did the lookup via the web interface. and DHCP clients were only told of the router as their resolver. So it must have taken a long time or something.
anyway even after a flushdns it's still working so not sure what happened.
-
Mine has intermittent issues resolving yelp.to. and forums.lawrencesystems.com. If I wait a bit it will resolve eventually. Not sure what's causing this...
[22.05-RELEASE][admin@pf]/root: dig yelp.to +trace ; <<>> DiG 9.16.26 <<>> yelp.to +trace ;; global options: +cmd . 83331 IN NS m.root-servers.net. . 83331 IN NS a.root-servers.net. . 83331 IN NS b.root-servers.net. . 83331 IN NS c.root-servers.net. . 83331 IN NS d.root-servers.net. . 83331 IN NS e.root-servers.net. . 83331 IN NS f.root-servers.net. . 83331 IN NS g.root-servers.net. . 83331 IN NS h.root-servers.net. . 83331 IN NS i.root-servers.net. . 83331 IN NS j.root-servers.net. . 83331 IN NS k.root-servers.net. . 83331 IN NS l.root-servers.net. . 83331 IN RRSIG NS 8 0 518400 20230204050000 20230122040000 951 . kgDwg7Khx9LoLCgFrS84CkJLkSDNOuBqtLAMat2craBdop37SNc716B3 g31YTlQxXL/y3vnRaxukwEk6MeC/ITL+YR+A3yzaiatUxg/+MacqmkGj m2F2TJ51Qem2yFHQJpiWwD6AWrfE2y2Volt4TAU6np9QkFVEBkcZzVp/ sGF89zD1frlpoZpnjaIXTI6R7vMb7yN1QXi7G6Jnp2f9b5gNU+3WaCU9 eDatxWHltAxh/3szYS2T7nbrkx35KuY2QkyGUZLEz+rSHgQ1AeCqvkBY oNTW/GJ7+V17xjpRgMcZumW9LDl544pheMs/fvaj+JRsFYfBbI1GmmEU v81cow== ;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms to. 172800 IN NS colo.tonic.to. to. 172800 IN NS tonic.to. to. 172800 IN NS sydney.tonic.to. to. 172800 IN NS newyork.tonic.to. to. 172800 IN NS helsinki.tonic.to. to. 172800 IN NS frankfurt.tonic.to. to. 172800 IN NS singapore.tonic.to. to. 86400 IN NSEC today. NS RRSIG NSEC to. 86400 IN RRSIG NSEC 8 1 86400 20230204050000 20230122040000 951 . nGj5h4bpgG1raL4+Tu/h065iVwAs8EWsQ8EKR+63cAxzPmGwYtiMgWr0 x/gMZYV89+DRqLRmeHVrHNgCeLCMhkoteqcLOjovfMiFCgVhUuGKN7qg OcqO1yrig2tn6n3H3OQh5T5iICC8WPhMCUgou0INmdM9RDO8Iavx4bv7 dRsZFy/m8Mw9D3n6IOUvRJXmtuSvgmtGiSQyWttaz35ZkVR0STK8Sr5v dYM5iW37qmqO3uatOipxefMS87F+z+v+yqQGpgdWxqulmPzFO3Tuk41L nbbiB+8uwAhvyZTfAs22izl+avw0X1fG34kB9WkS0l6fRp0XYCD/uxEe qnrZWA== couldn't get address for 'colo.tonic.to': not found couldn't get address for 'tonic.to': not found couldn't get address for 'sydney.tonic.to': not found couldn't get address for 'newyork.tonic.to': not found couldn't get address for 'helsinki.tonic.to': not found couldn't get address for 'frankfurt.tonic.to': not found couldn't get address for 'singapore.tonic.to': not found dig: couldn't get address for 'colo.tonic.to': no more
[22.05-RELEASE][admin@pf]/root: dig forums.lawrencesystems.com. +trace ; <<>> DiG 9.16.26 <<>> forums.lawrencesystems.com. +trace ;; global options: +cmd . 83286 IN NS i.root-servers.net. . 83286 IN NS j.root-servers.net. . 83286 IN NS k.root-servers.net. . 83286 IN NS l.root-servers.net. . 83286 IN NS m.root-servers.net. . 83286 IN NS a.root-servers.net. . 83286 IN NS b.root-servers.net. . 83286 IN NS c.root-servers.net. . 83286 IN NS d.root-servers.net. . 83286 IN NS e.root-servers.net. . 83286 IN NS f.root-servers.net. . 83286 IN NS g.root-servers.net. . 83286 IN NS h.root-servers.net. . 83286 IN RRSIG NS 8 0 518400 20230204050000 20230122040000 951 . kgDwg7Khx9LoLCgFrS84CkJLkSDNOuBqtLAMat2craBdop37SNc716B3 g31YTlQxXL/y3vnRaxukwEk6MeC/ITL+YR+A3yzaiatUxg/+MacqmkGj m2F2TJ51Qem2yFHQJpiWwD6AWrfE2y2Volt4TAU6np9QkFVEBkcZzVp/ sGF89zD1frlpoZpnjaIXTI6R7vMb7yN1QXi7G6Jnp2f9b5gNU+3WaCU9 eDatxWHltAxh/3szYS2T7nbrkx35KuY2QkyGUZLEz+rSHgQ1AeCqvkBY oNTW/GJ7+V17xjpRgMcZumW9LDl544pheMs/fvaj+JRsFYfBbI1GmmEU v81cow== ;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms com. 172800 IN NS a.gtld-servers.net. com. 172800 IN NS b.gtld-servers.net. com. 172800 IN NS c.gtld-servers.net. com. 172800 IN NS d.gtld-servers.net. com. 172800 IN NS e.gtld-servers.net. com. 172800 IN NS f.gtld-servers.net. com. 172800 IN NS g.gtld-servers.net. com. 172800 IN NS h.gtld-servers.net. com. 172800 IN NS i.gtld-servers.net. com. 172800 IN NS j.gtld-servers.net. com. 172800 IN NS k.gtld-servers.net. com. 172800 IN NS l.gtld-servers.net. com. 172800 IN NS m.gtld-servers.net. com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766 com. 86400 IN RRSIG DS 8 1 86400 20230204050000 20230122040000 951 . D9wfP4fjVUFOevkn3EmmvrjEwNcfNsIVQnMpQ07PJ1DNXM0XDMfTtUkI zBJPRG+tPrk186yy0F2VOeh3200WZiSVALd3JSq79ieZWUSDCQ/EzVBq +CgSQkJjmPm47u7FPK4fFmTL2BP1nv7Bwuxu5zQMa5WEjABQVWqGTmry Fcg7Z4omeIAgb5SiR+sFQuXlbA7fCqlsHK4coNvYsAXnuJEEKSAZ/oUN WigITLfgaJ6qHandU44wi8XHTMp33L+54Uy25PsTizyH8zc6QE3/+QN7 W/yaEn85ra0YVOIzExvs0/j769wXx+WSXcuU9JfDbYegkk3TvvtS/W1O gE/nQQ== ;; Received 1186 bytes from 193.0.14.129#53(k.root-servers.net) in 153 ms lawrencesystems.com. 172800 IN NS ns1.lawrence.technology. lawrencesystems.com. 172800 IN NS ns2.lawrence.technology. lawrencesystems.com. 172800 IN NS ns3.lawrence.technology. lawrencesystems.com. 172800 IN NS ns4.lawrence.technology. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q2D6NI4I7EQH8NA30NS61O48UL8G5 NS SOA RRSIG DNSKEY NSEC3PARAM CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20230126052302 20230119041302 36739 com. jU0jDdLit4qUktHrFwTh+jVxOYvRWcbFuSbj/IE2LkQ7FMcmUETuXuDV NZcBXYqVwxSiWjo38Q/x4o84qu10aLafUtUXlCe3uS8Ogkz9YWi9QEuh XmQmhYX9c0RIb0oKg/EGx5K6MflaG2aANx0QZCKefO0w0ejXTrzjXjUW Nhfb8NqRD4c2M1Sw4kdaUhBfiuq/rW2fL8WvyVEH3baXrw== U6O0OCQU8V5GTBRGTLMHBJ4G87A1EE0L.com. 86400 IN NSEC3 1 1 0 - U6O18CIKNDUF3GMAVN7R2VOV25LFBOK3 NS DS RRSIG U6O0OCQU8V5GTBRGTLMHBJ4G87A1EE0L.com. 86400 IN RRSIG NSEC3 8 2 86400 20230127063104 20230120052104 36739 com. pyXaWNOuNrS0orReEht37LeN6mqL0N1cnh/sA+EPdoqsJvDkuiBMpG3L anzx2jeVxtpYKL8PcAVFZ6/BOsgwL8gDZvOx8Zy9MLp4umRsyD78LnXn ytjok7zgJFSLV5WVrVZ/iF2Px3H+97wHovxiZ9S59v/2JKW8+JA+IU1s 3YA8BvwA+Qd3XLKxURK5UcLTytxTM/r727t21eMcQMKBsg== couldn't get address for 'ns1.lawrence.technology': not found couldn't get address for 'ns2.lawrence.technology': not found couldn't get address for 'ns3.lawrence.technology': not found couldn't get address for 'ns4.lawrence.technology': not found dig: couldn't get address for 'ns1.lawrence.technology': no more