DNS traffic stops

  • Hello Everyone,

    I am having issues with DNS randomly stopping. When DNS stops, everything else still works. As far as I can tell ONLY DNS is impacted.

    When I say DNS stops, I mean no hosts from behind the pfSense are able to resolve anything even if using anything other than the pfSense itself (i.e. ISP DNS).

    I can still ping stuff/load websites by IP.

    The fix is to reboot the entire system, multiple times. Then it will come up and allow nslookups.

    The only thing that's changed recently is I've connected a remote branch office by IPsec back to this site (so the total IPsec tunnel count went from 2 to 3). Not sure if related.

    What could this be?

  • Also thought that I'd add that I have a somewhat complicated NAT setup, which I am working on resolving but haven't been able to as yet.

    Network diagram is attached.

  • Rebel Alliance Global Moderator

    Really?  Why in the world would anyone set it up like that?  And you want these devices to be able to talk to each other?

    Why do you NAT from internet to 192.168.1.  And then NAT again to 10 networks?

    Not sure if 1.0/24 is supposed to be your host address or your network - if network then why do you have other ADSL routers showing and 1.20/24 ??

    I assume the routers in the diagram are pfSense boxes?  And you then run IPsec site to site between them?

    You say you reboot to fix the issue - what do you fix, and what are you using for DNS?  So client say on – what does he point to for DNS, pfSense as forwarder - what does pfSense forward?  And what is the client asking for?  Something the forwarder is supposed to look up or something pfSense has in his host file/host overrides?

  • I can't help but wonder, do you have the modems set as routers as well?  Are they capable of bridge mode?  Something looks very strange here.