Odd dns forward problem

  • I have pfSense (2.0.1) running with NAT.
    On the LAN side I have a Linux box.

    The pfSense DNS forwarder is on, and I have an entry like:
    host    domain           ip
    mypc    blahdomain.net   (pfSense LAN interface is )

    So far so good. Everything works (the Linux box can ping pfSense and vice versa, by IP).

    Then I reboot the Linux box. When it comes back up neither box can ping the other.
    On pfSense, tcpdump shows the incoming ICMP but no response.

    I have tried ping -n -r, which does not help either.

    I checked /etc/hosts on the pfSense box and see my entry in there,
    but host mypc.blahdomain.net gives the real outside address instead of the 192 addy I'd expect.

    At any rate, once I remove the entry from the forwarder everything starts to work (pings). Then I can put the entry back and everything continues to work until the next Linux reboot.

    Also, if I wait about 5 minutes everything seems to start working on its own.

    This leaves me with some questions.
    1. I thought /etc/hosts would be checked before a DNS server for a name (host myname, as an example), but that's not the behavior I'm seeing here.
    2. What is going on (what have I done wrong) and how do I fix it?

    Thanks for your time!

  • LAYER 8 Global Moderator

    What do you have pfSense set to use as DNS? Or some other DNS, like your ISP's?

    Not sure what DNS has to do with pinging?? You see the ICMP on your pfSense box; are you sure it was not to some outside IP? If you sent a ping to the pfSense IP, it should respond no matter what it thinks your IP resolves to.

    As to what the command host returns – that is a DNS tool!! It's going to query DNS, not your hosts file. It's like a stripped-down version of dig. It's going to ask the DNS server the OS you're running it on is configured for.

    If you want your pfSense box to resolve what you have set up in DNS host overrides, etc., then you need to make sure pfSense is using the DNS forwarder as its resolver and not some outside DNS.

    Now, if you were to just ping your host name from pfSense, then depending on whether you have messed with the default resolve order or not, yes, the hosts file should be used. What does your /etc/nsswitch.conf show for your resolve order? It should be files dns for hosts.

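The distinction the reply draws, shown as a small emulation added here (not code from the thread or from pfSense): the system resolver used by ping, ssh and getent walks the sources on the `hosts:` line of nsswitch.conf, so a hosts-file entry answers before DNS is consulted, while a DNS tool such as host or dig asks the configured DNS server directly and never reads the hosts file. The hosts file, nsswitch.conf, the name mypc.blahdomain.net and both addresses are constructed for the example; `dns_lookup` is a stand-in for the upstream server, not a real query.

```shell
#!/bin/sh
# Added example: emulate the two lookup paths the reply contrasts.
# Everything below (files, names, addresses) is constructed for illustration.

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT
HOSTS_FILE="$WORK/hosts"
NSSWITCH_FILE="$WORK/nsswitch.conf"

# Constructed /etc/hosts carrying the LAN override for the Linux box.
cat > "$HOSTS_FILE" <<'EOF'
127.0.0.1   localhost
192.0.2.10  mypc.blahdomain.net mypc
EOF

# Constructed nsswitch.conf with the default "files dns" order.
cat > "$NSSWITCH_FILE" <<'EOF'
passwd: files
hosts:  files dns
EOF

# Stand-in for the upstream DNS server: it only knows the public address,
# which is what the poster saw from "host mypc.blahdomain.net".
dns_lookup() {
    case "$1" in
        mypc.blahdomain.net) echo "203.0.113.5" ;;
        *) return 1 ;;
    esac
}

# Hosts-file lookup: first field is the address, any later field is a name.
files_lookup() {
    awk -v n="$1" '$1 !~ /^#/ { for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }' "$HOSTS_FILE"
}

# The source order the resolver will follow, read from the "hosts:" line.
nss_order() {
    awk '$1 == "hosts:" { $1 = ""; sub(/^ +/, ""); print }' "$NSSWITCH_FILE"
}

# What ping/getent see: try each nsswitch source in order, stop at the first hit.
resolve_via_nss() {
    for src in $(nss_order); do
        case "$src" in
            files) r="$(files_lookup "$1" || true)" ;;
            dns)   r="$(dns_lookup "$1" || true)" ;;
            *)     r="" ;;
        esac
        if [ -n "$r" ]; then
            echo "$r"
            return 0
        fi
    done
    return 1
}

# What host/dig see: straight to DNS, the hosts file is never consulted.
resolve_via_dns_tool() {
    dns_lookup "$1"
}

# Stand-alone run: the same name answered two different ways.
echo "nsswitch order : $(nss_order)"
echo "resolver (nss) : $(resolve_via_nss mypc.blahdomain.net)"
echo "dns tool       : $(resolve_via_dns_tool mypc.blahdomain.net)"
```

On the real boxes the comparison is `getent hosts mypc.blahdomain.net` (goes through nsswitch, so it reflects what ping will use) against `host mypc.blahdomain.net` (DNS only), with `grep '^hosts:' /etc/nsswitch.conf` showing the order in effect. If getent returns the outside address too, the hosts-file entry is not being matched; if only host does, that is the expected behaviour of a DNS tool and says nothing about the hosts file.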