pfSense can't resolve domains with Tailscale active after a few days
I have a 1100 with Tailscale installed. After a while, the firewall itself can't resolve domains. The clients still can.
Using Unbound, Google and Cloudflare DNS and "Use local DNS (127.0.0.1), fallback to remote DNS Server" in the General setup page.
[23.01-RELEASE][root@pfsense1100]/root: nslookup netgate.com
;; communications error to 100.100.100.100#53: timed out
;; communications error to 100.100.100.100#53: timed out
;; communications error to 100.100.100.100#53: timed out
;; no servers could be reached
This issue also happened with 22.05.
If I restart the Tailscale service:
[23.01-RELEASE][root@pfsense1100]/root: nslookup netgate.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: netgate.com
Address: 199.60.103.4
Name: netgate.com
Address: 199.60.103.104
Name: netgate.com
Address: ::ffff:199.60.103.104
Name: netgate.com
Address: ::ffff:199.60.103.4
I have a 7100 with the same setup, no issue:
[23.01-RELEASE][root@pfsense7100]/root: nslookup netgate.com
Server: 100.100.100.100
Address: 100.100.100.100#53
Non-authoritative answer:
Name: netgate.com
Address: 199.60.103.4
Name: netgate.com
Address: 199.60.103.104
Name: netgate.com
Address: ::ffff:199.60.103.104
Name: netgate.com
Address: ::ffff:199.60.103.4
Tailscale 1.36.0 on the 1100 and 1.38.3 on the 7100.