Unable to resolve DNS request for public domains

    Hello Guys,

    I apologise if this has been discussed within the forum; I tried to find an answer to my problem before deciding to post this subject. Please let me know if a solution has already been provided for it. Below is a description of my architecture.

    HQ:
        1 - pfSense 2.0 router for Internet access
                  WAN Interface: Public IP address
                  LAN Interface: 192.168.1.0/24
                  DMZ Interface: 192.168.3.0/24

    2 - pfSense 2.0 router for interconnection with Branch 1
                  LAN Interface: 192.168.1.0/24
                  WAN Interface: 10.8.245.112/30
                  OpenVPN Tunnel: 192.168.5.0/30

    Branch 1

    1 - pfSense 2.0.1 router
                  LAN Interface: 192.168.10.0/24
                  WAN Interface: 10.8.245.116/30
                  OpenVPN Tunnel network: 192.168.5.0/30

    The link between the HQ and Branch 1 is MPLS through my provider's network.

    DNS Server running in the DMZ: 192.168.3.50

    I've configured a site-to-site OpenVPN between the HQ and Branch 1; the OpenVPN server is at HQ while the client is in the branch.

    I'd like to share the HQ internet access with the branch but it is not working.

    The VPN is up and users are able to access all the HQ resources (servers, etc.) without any problem. I've assigned 192.168.3.50 as the DNS server for the branch router in the General Setup. When trying to ping www.google.com, for example, from the branch, I get the ICMP messages below:

    From 10.8.245.114 icmp_seq=21 Destination Host Unreachable
    From 10.8.245.114 icmp_seq=22 Destination Host Unreachable
    From 10.8.245.114 icmp_seq=23 Destination Host Unreachable
    From 10.8.245.114 icmp_seq=24 Destination Host Unreachable

    I've tried to capture outbound packets on the DNS port (UDP 53) on the WAN interface in the branch, and what I see is strange to me. DNS queries are sent to the IPs 202.106.0.20 and 203.196.0.6. I don't really understand where these IPs are coming from (see the capture result below).

    08:27:27.347514 IP 10.8.245.118.10459 > 202.106.0.20.53: UDP, length 38
    08:27:28.346884 IP 10.8.245.118.10459 > 202.106.0.20.53: UDP, length 38
    08:27:29.346721 IP 10.8.245.118.10459 > 202.106.0.20.53: UDP, length 38
    08:27:30.346556 IP 10.8.245.118.10459 > 202.106.0.20.53: UDP, length 38
    08:27:31.346397 IP 10.8.245.118.10459 > 202.106.0.20.53: UDP, length 38
    08:27:34.346055 IP 10.8.245.118.20528 > 203.196.0.6.53: UDP, length 34

    I've checked my configuration but I haven't used these IP addresses anywhere. So, I wonder where they are coming from.

    I'd like to share HQ internet with the branch and also understand where these IP addresses are coming from.

    Thanks,
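A check for the symptom described in the post, added here as an example and not part of the original thread: it parses tcpdump summary lines like the ones in the capture and reports every DNS destination that is not the resolver the branch router is supposed to use (192.168.3.50 in the DMZ). The sample capture is constructed from the lines quoted above plus one query to the expected resolver; the function and variable names are my own.

```python
import re
from collections import Counter

# Constructed sample modelled on the tcpdump output quoted in the post
# (outbound UDP/53 seen on the branch WAN interface), plus one query that
# does go to the intended DMZ resolver.
CAPTURE = """\
08:27:27.347514 IP 10.8.245.118.10459 > 202.106.0.20.53: UDP, length 38
08:27:28.346884 IP 10.8.245.118.10459 > 202.106.0.20.53: UDP, length 38
08:27:34.346055 IP 10.8.245.118.20528 > 203.196.0.6.53: UDP, length 34
08:27:40.120000 IP 10.8.245.118.30001 > 192.168.3.50.53: UDP, length 40
"""

# The only resolver the branch router is configured to use (HQ DMZ DNS server).
EXPECTED_RESOLVERS = {"192.168.3.50"}

# tcpdump "IP src.sport > dst.dport: UDP, length N" summary line
LINE_RE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): UDP, length (?P<length>\d+)$"
)


def parse_capture(text):
    """Parse tcpdump UDP summary lines into dicts; lines that do not match are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        row = m.groupdict()
        for key in ("sport", "dport", "length"):
            row[key] = int(row[key])
        rows.append(row)
    return rows


def unexpected_resolvers(rows, expected=EXPECTED_RESOLVERS):
    """Count DNS queries (dport 53) sent to any resolver outside the expected set."""
    counts = Counter(
        row["dst"] for row in rows if row["dport"] == 53 and row["dst"] not in expected
    )
    return dict(counts)


if __name__ == "__main__":
    for dst, n in sorted(unexpected_resolvers(parse_capture(CAPTURE)).items()):
        print(f"{n} DNS query/queries to unexpected resolver {dst}")
```

Feed it the output of `tcpdump -n -i <wan> udp port 53` to confirm which resolvers the router is really querying before looking at the routing and NAT side of the tunnel.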