DNS forwarder not working

  • I am on latest RC3 - I just discovered DNS forward is completely non-functional.  >:(
    I am using 2 WAN (WAN+Opt2)- balanced gateway group.
    I am using traffic shaping (2 WAN, 1 LAN)

    I can't even use the external DNS through this - as if all DNS packets are dropped.

    I have been a pfsense user for many years, also every other variety of open source firewall I could find. So if someone has advice on how to look deeper I would like to hear that, i don't often look at logs of pfsense.



  • Rebel Alliance Developer Netgate

    As I mentioned on the ticket you had opened…

    You must be much more specific than "the latest" - give the precise build date/time and architecture, platform, and so on. Include any error messages you see in the system logs, and any options you have changed/set for the DNS forwarder.

    And try the next new firmware before doing any of that, too.

  • Ok - sorry Jimp - that was silly to say latest. I just read the part where you said go to forum.

    So anyway it was .. 2.0-RC3 (amd64)
    built on Thu Aug 18 01:19:40 EDT 2011 but you were right, it was a config issue.

    But now that I start to think, its a firewall thing. So, as is your firewall doesn't have DNS UDP port rule generated when I set up. So I had to create a rule

    Pass UDP from LAN net * to LAN address 53 (DNS) *

    So when us less practiced users set it up this might be a common error. We guess it will be there, I looked at my old 1.2.x pfsense and saw there was a rule there to let LAN-> any with any protocol work. Perhaps I changed a rule - perhaps it isn't there. I don't know, if this is useful for others then great!



  • Rebel Alliance Developer Netgate

    Out of the box there is a LAN -> ANY rule. If you deleted that or customized the rules in some way that disallowed access, it was only doing as you asked it to do.

    If it isn't shown in that list of firewall rules, it wouldn't get through, even to the firewall itself.

Log in to reply