DNS was not resolving for 1 interface - restart of the service "resolved" the problem.

frater

I just went through a remote troubleshooting session where a client wasn't able to "get Internet" using a newly created interface.
Most of the time I was focused on a VLAN misconfiguration, but in the end it turned out that it was merely the DNS-server which wasn't working for that new interface.

Restarting the "DNS Resolver" solved the problem.

Alas, due to this restart, I am now unable to check what /var/unbound/unbound.conf or /var/unbound/access_lists.conf was at the time.
These have now been rewritten.

I have back-ups for every change in configuration of Pfsense itself, but none of the native configurations.

I'm speculating here somewhat, but I think I changed the IP-network after creating it and the unbound service wasn't restarted then.

Can this be confirmed or denied?

The Pfsense configuration for unbound was and is completely default.

<unbound>
<enable/>
<dnssec/>
<active_interface/>
<outgoing_interface/>
<custom_options/>
<hideidentity/>
<hideversion/>
<dnssecstripped/>
</unbound>

SteveITS

@frater Unbound does seem to need a restart to see new interfaces.

In many places pfSense will overwrite files based on the pfSense config file. Best to make changes in the pfSense GUI.