Netgate Discussion Forum
    DNS Issues After Upgrading to 25.07

    • smsigroupit

      Good day!

      I recently upgraded to version 25.07 and started running into DNS issues. When I set my pfSense IP as the DNS server, I can't seem to access most websites. But if I switch to 8.8.8.8, everything works perfectly.

      Anyone else run into this? Any idea what might be going on?

      Thank you!

      • Gertjan @smsigroupit

        @smsigroupit

        When you installed pfSense, the default DNS settings should work fine. No need to add/change anything.
        Just one condition: your connection has to have access to the Internet 'main' root DNS servers (just one of the available 13 would do) and it should be able to contact the TLD servers (they tell you what domain server to contact for a given TLD (== dot com, dot org etc.)).

        Normally, you don't need a resolver like 8.8.8.8 as pfSense has its own resolver : unbound.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        • smsigroupit @Gertjan

          @Gertjan

          Thanks for the explanation!

          Yeah, I was under the impression the default setup should work too. But after upgrading to 25.07, things started acting up when I use pfSense as the DNS, most websites don’t load. Swapping to 8.8.8.8 fixes it instantly.

          I haven’t changed any DNS settings manually, so I’m wondering if the upgrade might’ve affected Unbound somehow or if there’s a new config quirk I missed.

          Appreciate the input! Let me know if there's anything specific I should look into with Unbound.

          • Gertjan @smsigroupit

            @smsigroupit

            Get back to 'DNS default', and do some testing :

            The easy to read test (console or SSH, menu option 8) :

            dig cnn.com +trace +nodnssec
            

            The normal test (will include DNSSEC 'requests') :

            dig cnn.com +trace
            

            The GUI test :

            [screenshot]

            • SteveITS @smsigroupit

              @smsigroupit If you have pfSense DNS set to forward, ensure DNSSEC is unchecked.

              Otherwise, is Unbound running? What do the logs show?

              Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
              When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
              Upvote 👍 helpful posts!
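
The checks suggested in this thread (is Unbound answering, and is DNSSEC the cause) can be combined into one comparison. This is an added example, not posted by anyone in the thread: it classifies the symptom from three dig outputs, the local resolver, the local resolver with dig's `+cd` (checking disabled) flag, and a public resolver. The function names, result labels and sample header lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify "works via 8.8.8.8, fails via
# pfSense" from dig output. Function names and result labels are hypothetical.

# Print the RCODE (NOERROR, SERVFAIL, ...) from dig's ">>HEADER<<" line,
# or TIMEOUT when the output has no header (no reply from the server).
dig_status() {
    status=$(printf '%s\n' "$1" | sed -n 's/.*status: \([A-Z]*\),.*/\1/p' | head -n 1)
    printf '%s\n' "${status:-TIMEOUT}"
}

# diagnose <local output> <local output with +cd> <public resolver output>
diagnose() {
    local_rc=$(dig_status "$1")
    local_cd_rc=$(dig_status "$2")
    public_rc=$(dig_status "$3")
    if [ "$public_rc" != NOERROR ]; then
        # Even the public resolver fails: not specific to the local resolver.
        echo "upstream-or-name-problem"
    elif [ "$local_rc" = NOERROR ]; then
        echo "local-resolver-ok"
    elif [ "$local_rc" = TIMEOUT ]; then
        # Nothing answered on the firewall address: check that Unbound runs.
        echo "unbound-not-answering"
    elif [ "$local_rc" = SERVFAIL ] && [ "$local_cd_rc" = NOERROR ]; then
        # Fails only while validation is on: DNSSEC is rejecting the answer.
        echo "dnssec-validation-failure"
    else
        echo "resolution-failure"
    fi
}

# Live use (needs network): check_live cnn.com <pfSense LAN IP> 8.8.8.8
check_live() {
    name=$1; local_ip=$2; public_ip=$3
    diagnose "$(dig "@$local_ip" "$name" A)" \
             "$(dig "@$local_ip" "$name" A +cd)" \
             "$(dig "@$public_ip" "$name" A)"
}

# Constructed sample dig lines so the logic can be tried offline.
SAMPLE_OK=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242'
SAMPLE_FAIL=';; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4243'
SAMPLE_NONE=';; connection timed out; no servers could be reached'
```

A `dnssec-validation-failure` result matches the forwarding-with-DNSSEC case raised above; any other failure label means the Unbound service status and logs are the next place to look.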

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.