Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    127.0.0.1 shows as DNS server? (2.0-RC3 i386)

    2.0-RC Snapshot Feedback and Problems - RETIRED
    8
    15
    17162
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      seh2000 last edited by

      Hi,

      Since the last two snapshots (current snapshot is 2.0-RC3 i386 20110809 15:52) I noticed in Dashboard under DNS Server(s) 127.0.0.1 (localhost) listed as a DNS server (see attached screen shot) I don't recall having seen this before.
      How come or what have I done wrong in my configuration? Shall I just forget/ignore?

      BR// Steen

      ![pfSense Dashboard DNS 08102011 01 sh.jpg_thumb](/public/imported_attachments/1/pfSense Dashboard DNS 08102011 01 sh.jpg_thumb)
      ![pfSense Dashboard DNS 08102011 01 sh.jpg](/public/imported_attachments/1/pfSense Dashboard DNS 08102011 01 sh.jpg)

      1 Reply Last reply Reply Quote 0
      • T
        tebeve last edited by

        2.1-DEVELOPMENT (i386)
        built on Tue Aug 9 22:33:41 EDT 2011

        Just updated to the lastest snap today from July 8th RC3 snap… I'm seeing this now also.

        1 Reply Last reply Reply Quote 0
        • E
          eri-- last edited by

          IT is ok, just ignore :)

          1 Reply Last reply Reply Quote 0
          • T
            tebeve last edited by

            @ermal:

            IT is ok, just ignore :)

            I pretty much assumed it was nothing, I mean the localhost in this case is doing dns… but thought I would report also in case it was something that had slipped through you guys didnt want.

            Thanks ermal.

            1 Reply Last reply Reply Quote 0
            • S
              seh2000 last edited by

              @ermal:

              IT is ok, just ignore :)

              I can ignore, but why suddenly appear, not seen in any of the previous 2.0 release candidates (1, 2, 3) before Friday or Saturday snapshot, is it a bug or something?
              Steen

              1 Reply Last reply Reply Quote 0
              • C
                Cino last edited by

                @seh2000:

                @ermal:

                IT is ok, just ignore :)

                I can ignore, but why suddenly appear, not seen in any of the previous 2.0 release candidates (1, 2, 3) before Friday or Saturday snapshot, is it a bug or something?
                Steen

                It was adding to the system a couple of days ago, thats why your seeing it now
                https://github.com/bsdperimeter/pfsense/commit/8ac329daa06dbc88748df5ca7158d44edd5936f8

                1 Reply Last reply Reply Quote 0
                • S
                  seh2000 last edited by

                  Thanks Cino - remember the issue (I had similar problem as reported in #1407), but was not expecting to see "localhost" under DNS Server(s) in the dashboard.
                  Steen

                  1 Reply Last reply Reply Quote 0
                  • R
                    rkage last edited by

                    And what happens when you don't enable the DNS forwarder, delayed/failed lookups?

                    1 Reply Last reply Reply Quote 0
                    • jimp
                      jimp Rebel Alliance Developer Netgate last edited by

                      @rkage:

                      And what happens when you don't enable the DNS forwarder, delayed/failed lookups?

                      It should fall back to the old behavior, and just not include that as a DNS server. (I just added a check for that, should be in snaps later this evening/tomorrow)

                      1 Reply Last reply Reply Quote 0
                      • johnpoz
                        johnpoz LAYER 8 Global Moderator last edited by

                        I just noticed this today, and I do not use the built in forwarder.  I run unbound package - so I had to modify the unbound.conf directly to listen on loopback, since highlighting both lan and loopback did not seem to work in the unbound gui setup.

                        This now works just fine, I actually like this if your running a full recursive resolver like unbound - why not use it vs some outside dns like google or your isp.

                        1 Reply Last reply Reply Quote 0
                        • E
                          eri-- last edited by

                          The primary reason for the change was to have better behviour on multiwan since people were reporting issues with dns during switching to other WANs.
                          This change will help those cases.

                          But even your view on using your dns instead of something outside there and rely only on it is valid as well.

                          If unbound did not start from GUI but started from command line can you show the difference in generated config so the GUI can be fixed?

                          1 Reply Last reply Reply Quote 0
                          • johnpoz
                            johnpoz LAYER 8 Global Moderator last edited by

                            Well it started just fine from the gui, but did not bind to the loopback like you would think it would do when you highlight it ;)

                            I just manually edited the unbound.conf from the shell and then hit restart in the services section of the gui and working fine line that.

                            Anything you need for help, just let me know – and I agree I like the loopback option.

                            1 Reply Last reply Reply Quote 0
                            • W
                              wagonza last edited by

                              Ok package updated. It now listens on both v4 and v6 loopback addresses (when selected). On a side note I also added a process to update the root trust anchor file, to ensure that the file is valid and works for DNSSEC validation.

                              1 Reply Last reply Reply Quote 0
                              • johnpoz
                                johnpoz LAYER 8 Global Moderator last edited by

                                what about ability to add ipv6 in the ACLs? ;)

                                1 Reply Last reply Reply Quote 0
                                • W
                                  wagonza last edited by

                                  @johnpoz:

                                  what about ability to add ipv6 in the ACLs? ;)

                                  heh :) the page is here in my repo. I just need to polish it off before i submit it to the masses.

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post

                                  Products

                                  • Platform Overview
                                  • TNSR
                                  • pfSense
                                  • Appliances

                                  Services

                                  • Training
                                  • Professional Services

                                  Support

                                  • Subscription Plans
                                  • Contact Support
                                  • Product Lifecycle
                                  • Documentation

                                  News

                                  • Media Coverage
                                  • Press
                                  • Events

                                  Resources

                                  • Blog
                                  • FAQ
                                  • Find a Partner
                                  • Resource Library
                                  • Security Information

                                  Company

                                  • About Us
                                  • Careers
                                  • Partners
                                  • Contact Us
                                  • Legal
                                  Our Mission

                                  We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                  Subscribe to our Newsletter

                                  Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                  © 2021 Rubicon Communications, LLC | Privacy Policy