Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNS failures

    Scheduled Pinned Locked Moved DHCP and DNS
    3 Posts 2 Posters 175 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      steve_gase
      last edited by

      I have a home network using pfsense 2.7.0, working fine for over a year.
      Today multiple clients on the network are unable resolve a hostname. Other network connections are working fine.
      I've power-cycled the router and it clears the problem for a few minutes, and then it stops again.
      I started with DNS server 1.1.1.1 and have switched to 8.8.8.8 (and other servers like 1.0.0.1 and 8.8.4.4). With each switch (no reboot) the DNS resolves for a few minutes and then stops working again.
      If I change the client config to hard-code the DNS server 8.8.8.8, everything continues to work -- it is ONLY the DNS service going through pfsense.
      I can ping the DNS servers without issue.

      Any idea of what I might be seeing?

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @steve_gase
        last edited by

        @steve_gase upgrade to 2.7.2.

        If you are forwarding in the Resolver settings, uncheck the option for DNSSEC.

        If you are registering DHCP leases in DNS, note unbound restarts at every lease renewal.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote ๐Ÿ‘ helpful posts!

        S 1 Reply Last reply Reply Quote 0
        • S
          steve_gase @SteveITS
          last edited by

          @SteveITS -- thanks! I upgraded to 2.7.2 and disabled DNSSEC and everything is looking good so far. Much appreciated!! ๐Ÿ˜€

          1 Reply Last reply Reply Quote 1
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.