Netgate Discussion Forum

Default DNS not sent in DHCP packages to client

    larslindnilsson
    last edited by Jul 30, 2023, 5:11 PM

    I'm testing 2.7.0 in a lab setup, and it looks like no DNS information is included in the DHCP packages sent to clients.

    DNS Resolver and DNS Forwarder are both disabled. And I have not filled out any DNS entries in the DHCP Server. This should make it fall back to the DNS settings obtained dynamically.

    "Leave blank to use the system default DNS servers: The IP address of this firewall interface if DNS Resolver or Forwarder is enabled, otherwise the servers configured in General settings or those obtained dynamically."

    Under System Information the upstream gateway IP is shown under DNS server(s), which is what I would expect.

    Clients on the LAN interface can ping the upstream gateway IP and I can do DNS requests directly against that IP (dig @x.x.x.x). But a normal DNS request just tries against 127.0.0.1 (where no DNS server is running).

    Have I found an error, or have I misunderstood how the DHCP server finds the default DNS?

      Gertjan @larslindnilsson
      last edited by Jul 31, 2023, 6:24 AM

      @larslindnilsson said in Default DNS not sent in DHCP packages to client:

      otherwise the servers configured in General settings or those obtained dynamically."

      What have you set here :

      be167ed9-d592-4567-bacd-25871f8a50cb-image.png

      ?

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

        larslindnilsson @Gertjan
        last edited by Jul 31, 2023, 4:01 PM

        @Gertjan
        It looks like this:
        8ffce566-1203-42b9-9ba8-015af144088d-image.png

        With DNS Server Override checked. This was the default setting when I installed pfSense. The only thing I changed in the GUI after the install was disabling the DNS Forwarder.

        Reading the text under DNS Server Override it says that this will not be used for DHCP Clients. But that kind of contradicts what was written under the DHCP Server.

          Gertjan @larslindnilsson
          last edited by Aug 1, 2023, 6:17 AM

          @larslindnilsson said in Default DNS not sent in DHCP packages to client:

          With DNS Server Override checked. This was the default setting when I installed pfSense.

          When connecting to the ISP using pppoe, pfSense will (normally) receive two DNSes from the ISP, these will be the ones stored in /etc/resolv.conf, if this option is checked.
          The same thing for a DHCP WAN connection : a DHCP mostly will contain a DNS or two : these will be stored in /etc/resolv.conf
          Both situations are quite historical and not really used anymore as pfSense doesn't need them : it uses unbound as a resolver.

          I'm pretty sure this option is disabled (not checked) by default.

          @larslindnilsson said in Default DNS not sent in DHCP packages to client:

          The only thing I changed in the GUI after the install was disabling the DNS Forwarder.

          Noop.
          The built-in pfSense forwarder (dnsmasq) is there for ancient reasons.
          By default, unbound, the resolver, is used in resolver mode. So the resolver is activated.
          pfSense (DNS) is not forwarding by default and there is a reason for this : an upstream router might propose a DNS, or not. An ISP might hand over a DNS, or not.
          One thing is sure : these DNS servers will work for you, whatever the connection is. So that is the default mode.

          Btw : pfSense is doing DHCP(v4) and you have deactivated all pfSense DNS facilities (no resolver, no forwarder).
          I tend to understand that it can't give a 'DNS' IP to its DHCP clients.

            larslindnilsson @Gertjan
            last edited by Aug 2, 2023, 10:49 AM

            @Gertjan said in Default DNS not sent in DHCP packages to client:

            I'm pretty sure this option is disabled (not checked) by default.

            I just did a new install of pfSense and in the Wizard step "DNS Server Override" was checked.

            @Gertjan said in Default DNS not sent in DHCP packages to client:

            By default, unbound, the resolver, is used in resolver mode. So the resolver is activated.

            My mistake. In the reinstall I can see that the resolver is running and not the forwarder. I did have to restart the resolver service to get it to work properly. Before restarting the service the DNS server replied "WARNING: recursion requested but not available" when I made requests from a LAN client. But other than that, I got a working setup by leaving the default values during the install.

            I still think that the help text under DNS servers in the DHCP server setup can be a little confusing.

            But now I have a much better understanding of the DNS setup in pfSense. Thank you.

              Gertjan @larslindnilsson
              last edited by Aug 2, 2023, 11:23 AM

              @larslindnilsson said in Default DNS not sent in DHCP packages to client:

              I just did a new install of pfSense and in the Wizard step "DNS Server Override" was checked.

              So it's me misunderstanding /conf.default/config.xml :

              <?xml version="1.0"?>
              <pfsense>
              	<version>22.2</version>
              	<lastchange/>
              	<system>
              		<optimization>normal</optimization>
              		<hostname>pfSense</hostname>
              		<domain>home.arpa</domain>
              		<dnsserver/>
              		<dnsallowoverride/>
              

              The last line actually means : the option is checked (active)

              When I check it myself :

              		<dnsallowoverride></dnsallowoverride>
              

              When unchecked, there is no "dnsallowoverride" present in the config.xml file

              Not sure if this default config xml actually gets used, as using option 4 "Reset to factory defaults " in the console/SSH downloads a pfSense package that probably also contains a default config.

              Anyway : when resolving, the DNS given to pfSense from the upstream ISP router, or ISP itself :=> don't care ^^

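The presence-flag behaviour described in the last post (an empty `<dnsallowoverride/>` element means "checked", a missing element means "unchecked"), together with the fallback order from the DHCP Server help text quoted in the first post, can be checked offline against a config backup. This is an added example, not part of the thread and not pfSense code; it models the help text rather than observed behaviour, and the `<unbound>`/`<dnsmasq>` `<enable/>` element names, the `lan_ip` and `dynamic` parameters and all sample addresses are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample, modelled on the config.xml fragment quoted in the thread.
SAMPLE = """<?xml version="1.0"?>
<pfsense>
  <system>
    <hostname>pfSense</hostname>
    <domain>home.arpa</domain>
    <dnsserver/>
    <dnsallowoverride/>
  </system>
</pfsense>"""


def flag_set(parent, tag):
    """Presence flag: <tag/> or <tag></tag> means checked, absent means unchecked."""
    return parent is not None and parent.find(tag) is not None


def dns_summary(xml_text, lan_ip="192.0.2.1", dynamic=()):
    """Summarise DNS-related settings and what the help text says DHCP hands out.

    lan_ip and dynamic (servers learned from the WAN side) are hypothetical
    inputs, since neither is stored in the fragment shown in the thread.
    """
    root = ET.fromstring(xml_text)
    system = root.find("system")
    # An empty <dnsserver/> means no static server is configured.
    static = [e.text.strip() for e in system.findall("dnsserver")
              if e.text and e.text.strip()]
    # Assumption: resolver/forwarder state is stored as <unbound><enable/>
    # and <dnsmasq><enable/>; these names are not shown on the page.
    local_dns = (flag_set(root.find("unbound"), "enable")
                 or flag_set(root.find("dnsmasq"), "enable"))
    # Help text: firewall interface IP if resolver or forwarder is enabled,
    # otherwise General-settings servers or those obtained dynamically.
    offered = [lan_ip] if local_dns else static + list(dynamic)
    return {
        "override": flag_set(system, "dnsallowoverride"),
        "static": static,
        "local_dns": local_dns,
        "offered": offered,
    }


if __name__ == "__main__":
    print(dns_summary(SAMPLE, dynamic=("198.51.100.53",)))
```

An empty `offered` list with `local_dns` false corresponds to the situation in the first post: no local DNS service and nothing for the DHCP server to fall back on.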