Strange DNS Resolution
I have a huge problem with pfsense and my new internet carrier. Please help me to locate the problem because right now I am more then frustrated and have no more ideas…
here is my minimal setup:
- static SDSL internet connection with static IP (Provider is HessenKom)
- Cisco Series 800 Router (provided by HessenKom)
- PFSense 2.1.3 (WAN: fixed IP 18.104.22.168; LAN: 192.168.1.1)
- Zyxel Switch (192.168.1.2)
- PC with LAN-Cable (192.168.1.100 = DHCP)
I have internet access because I can open google.de and heise.de on the PC. I could search google and I updated the PFSense to the latest version. BUT most other pages could not be loaded. www.spiegel.de, www.tagesschau.de and many others are not found.
What I already tried:
first I thought it must be a problem with the DNS setup. So I changed the provided DNS Server of hessenKom (22.214.171.124) against the DNS-Servers of google (126.96.36.199 and 188.8.131.52). Still the same problem. I tried to ping the pages directly from PFSense and I received a real weard IP for spiegel.de. I tried traceroute but I seems like google.de is available and spiegel.de or tagesschau.de is not available.
I attached many screenshots with more information.
Thanks in advance for your help
** it seems that the upload function is not working right now or has problems with my screenshots.. Therefore you can find some screenshots of the problem on of my domains: http://build.bigtoe.de/pfsense/
that is the right ip for
PING www.spiegel.de (184.108.40.206) 56(84) bytes of data.
64 bytes from unknown.prolexic.com (220.127.116.11): icmp_seq=1 ttl=242 time=455 ms
64 bytes from unknown.prolexic.com (18.104.22.168): icmp_seq=2 ttl=242 time=444 ms
as to your traceroute - that is odd for sure.. works here, make sure you pick wan as your source interface. You haven't put a gateway on your lan interface have you?
1 24.13.xx.xx 10.001 ms 9.106 ms 17.270 ms
2 22.214.171.124 9.035 ms 9.398 ms 9.312 ms
3 126.96.36.199 13.454 ms
188.8.131.52 16.377 ms
184.108.40.206 10.803 ms
4 220.127.116.11 14.114 ms 11.883 ms 11.906 ms
5 18.104.22.168 11.648 ms 10.782 ms 18.892 ms
6 * * 22.214.171.124 37.482 ms
7 126.96.36.199 39.345 ms 37.978 ms 39.309 ms
8 * * *
9 188.8.131.52 40.112 ms 39.167 ms 39.405 ms
10 184.108.40.206 38.765 ms 37.794 ms 38.049 ms
11 220.127.116.11 37.275 ms 37.743 ms 37.319 ms
snipped IP of my first hop for privacy.
thanks for your quick reply. You are right. The IP is correct and belongs to spiegel.de. It first thought it has to be wrong because if you directly access the ip the spiegel.de page is not shown…
So this means the DNS resolution is correct, right?
That means as consequence it has to be some filter roules or some wrong settings?
Do you have any idea where to look at?
The installation is as clean as possible therefore there are no blocking rules. Also I could not really image that wrong settings are the problem because google.de is working without problem. Any guesses or ideas? Should I post more screenshots of some pages?
What do you mean with gateway for the lan interface? The lan interface provides DHCP to the clients and of cause the pfsense firewall is the default gateway for all clients. Might there be a problem with the cisco router? I don't know the ip of the cisco modem and as far as my provider told me I don't have to change anything on this piece of hardware...
Hi johnpoz and everybody else,
finally I found the problem. The subnet was wrongly defined. I changed from 34.xxx.xxx.xxx/24 to 34.xxx.xxx.xxx/30 and now everything works perfect.
Still strange that google works and other pages not.
Thanks for your help and best regards