Netgate Discussion Forum

    DNS traffic stops

      breakaway

      Hello Everyone,

      I am having issues with DNS randomly stopping. When DNS stops, everything else still works. As far as I can tell ONLY DNS is impacted.

      When I say DNS stops, I mean no hosts from behind the pfsense are able to resolve anything even if using anything other than the pfSense itself (i.e. ISP DNS).

      I can still ping stuff/load websites by IP.

      The fix is to reboot the entire system, multiple times. Then it will come up and allow nslookups.

      The only thing that's changed recently is I've connected a remote branch office by IPSEC back to this site (so the total IPSEC tunnel count went from 2 to 3). Not sure if related.

      What could this be?

        breakaway

        Also thought that I'd add that I have a somewhat complicated NAT setup, which I am working on resolving but haven't been able to as yet.

        Network diagram is attached.

        nat.png

          johnpoz LAYER 8 Global Moderator

          Really?  Why in the world would anyone set it up like that?  And you want these devices to be able to talk to each other?

          Why do you nat from internet to 192.168.1.  And then nat again to 10 networks?

          Not sure if 1.0/24 is supposed to be your host address or your network - if network then why do you have other ADSL routers showing 192.168.1.10/24 and 1.20/24 ??

          I assume the routers in the diagram are pfsense boxes?  And you then run ipsec site to site between them?

          You say you reboot to fix the issue - what do you fix, and what are you using for DNS?  So client say on 10.1.2.0/24 – what does he point to for DNS, pfSense as forwarder - what does pfSense forward?  And what is the client asking for?  Something the forwarder is supposed to look up or something pfSense has in his host file/host overrides?

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

            thegreatga

            I can't help but wonder, do you have the modems set as routers as well?  Are they capable of bridge mode?  Something looks very strange here.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.