pfSense DNS stops working - searching logs
-
This is a sudden and random phenomenon.
Netgate 6100 running 23.05
This issue happened yesterday evening and now this morning. DNS stops working on my LAN. Thinking it might be a local issue, I started getting alerts from my Uptime Kuma instance in Linode (WireGuard tunnel back to pfSense). I have an alert set up to query pfSense DNS every minute. Then I noticed I couldn't resolve local domains (going through HAProxy) and external domains such as Google or CNN or Facebook. I have logs being dumped into Graylog but I don't know what, if anything, I should look for to determine root cause.
Although DNS was not functioning, routing was working fine as I was able to ping/traceroute to external IPs by using IP addrs. It's definitely a pfSense issue as local and remote sites are not responding, but I'm not sure how to dig through the logs. Any help would be appreciated.
Local computer
Uptime Kuma DNS check - Notice the time lines up with the local computer outage.
-
Are you using Unbound with DoT in forwarding mode?
If so you can try this workaround: https://redmine.pfsense.org/issues/14056#note-6
Steve
-
-
Then try that workaround.
-
@stephenw10
Just put in the workaround. Interesting that I am now running into this. Reading the noted thread in the Redmine. If it happens again I'll let you know.
Thanks for the quick response.
-
@stephenw10 The only thing I would say is would this impact internal name resolution as well? As I mentioned, I couldn't resolve anything internal - sites that go through my HAProxy setup.
-
I wouldn't expect it to but then again I wouldn't have expected an ASLR issue to affect external queries like that either.
It's a known issue and you are running a configuration that I expect to hit it.
-
@stephenw10 Fair enough. Appreciate it man.