Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    "It queries every configured DNS server simultaneously[…]"

    2.0-RC Snapshot Feedback and Problems - RETIRED
    3
    4
    1614
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      Veni last edited by

      Hi.

      Is there a way of forcing pfSense to only use DNS servers configured for a specific WAN/OPT2/OPT3 that is being used in a WAN failover group?
      As it works today it sends DNS requests on all WAN links(inluding a 3G connection, OPT3) even though primary WAN is up.

      DNS 1.1.1.1 is used for WAN.
      DNS 2.2.2.2 is used for WAN.
      DNS 3.3.3.3 is used for OPT2.
      DNS 4.4.4.4 is used for OPT3.

      An example of how the DNS servers would be used:

      WAN is up, DNS 1.1.1.1 or 2.2.2.2 are used.
      WAN is down, DNS 3.3.3.3 is used.
      WAN AND OPT2 are down, DNS 4.4.4.4 is used.

      I have tried using the option "Allow DNS server list to be overridden by DHCP/PPP on WAN", but at one point after a complete fail-back(to WAN) from a fail-over
      i stil only showed up DNS servers from the slowest 3G connection(the last+slowest fail-over WAN) on the status page.

      The queries do not contain much data but it feels like a waste of 3G resource(any money) when quering something that is slower than WAN
      even though WAN is up.

      1 Reply Last reply Reply Quote 0
      • S
        singerie last edited by

        check that :
        http://redmine.pfsense.org/issues/1408

        it might be related to your issue.

        1 Reply Last reply Reply Quote 0
        • V
          Veni last edited by

          After some reading it sounds that this is the normal behavior of dnsclient, to query every assigned DNS server :P.

          An approach could maybe be as follows:

          Is there a failover group configured(could be a checkbox and/or autosense)?
          If no, then use normal behaviour.

          If yes:
            Only query servers manually configured for this active interface or only query servers automatically configured through DHCP assigned from this active interface.

          1 Reply Last reply Reply Quote 0
          • jimp
            jimp Rebel Alliance Developer Netgate last edited by

            That would take quite a bit of extra logic (prone to extra breakage!) to pull off, if it's even possible.

            Most people have always-on WANs so it's beneficial to query them all at once. 3G is the obvious exception to that, and I think someone already has a feature/todo ticket open for 2.1 so we can have a more sensible dial-on-demand mode for 3G WANs since not just DNS but the connection monitoring traffic can add up over some time. People without unlimited data plans might be surprised at the usage.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy