Strange Internet Issue after Upgrade



  • So after I upgrade a couple days ago I noticed some strange behavior, when trying to connect to websites it it will say the page cannot be loaded then no internet connection and after a while it will connect. The really strange thing is at the same time other websites will load just fine. Sites will take forever to load when they actually load on the first run. Though this only happens with my computers, my android phone has no issue whatsoever. I have a feeling it might be a DNS issue but I am not sure, I tried switching to DNS forwarder from resolver and well as having both disabled and the issue always remand. I tried switching to OpenDNS from Google DNS as the listed DNS servers. I am double NATed since I live in a dorm right now but I have never had an issue with it before. When I run a traceroute sometime is will run fine but slowly at some points, but other times it will just hang and give up, returning **** three times at the end. It has gotten a little better because when it started I could get barely anything to load now I can get it to load about 60-70% of the time, though not all the elements on the web page will load.

    Any ideas?? At this point I can live with it but I would really like to get this fixed but I am not sure where to start.

    Thanks


  • LAYER 8 Global Moderator

    "and well as having both disabled and the issue always remand."

    And where were your clients pointing to for dns.. IF you had both forwarder and resolver disabled..  Then you wouldn't of resolved anything..

    So what exactly are you using, the resolver or the forwarder?  Or the forwarder option in resolver section?

    You need to be clear on what your settings are.. What pfsense is set to for dns has nothing to do with anything if your using the resolver (unbound)

    So you upgraded from 2.2 to 2.2.1 or you upgraded from 2.1.x to 2.2.1?  In 2.2 line unbound is the new default (resolver)

    It is possible if using the resolver you could have issues or slowness in resolving depending on your network setup.  Your on a school for example - do they even let you query outside dns directly?  I would suggest you just forward dns to either your router in front of pfsense since you said your double natted.  Is the school network rfc1918 or do you have router in front of pfsense and then school is rfc1918 as well?

    What IP does pfsense get on its wan, does it start with 10.x or 192.168, 172.16-31?  What is pfsense plugged into, jack on the wall some other router/modem/gateway?



  • Well I set my clients to 8.8.8.8 and 8.8.4.4 when I had them disabled, and I have no issue when I use the schools wifi.

    I used both resolver with forwarder (setting) and just the forwarder.
    Was upgrading from 2.2 to 2.2.1.
    Resolver settings:
    Default + I had enable DNSSEC, Forwarder, DHCP reg, Static DHCP.

    I have been using pfsense at my school for that last 2 and half years with no issue (did change hardware from a netbook after the first year), I have always had all the settings setup to handle double NATing, and I so get a reserved IP (10.X.X.X) and it comes from just a jack in the wall.

    Update:
    I disabled DNSSEC (even though google supports it) and the seems to help though it might have been mostly pasubio since I re-enabled it and nothing has really changed. After a few days the problem has seem to have mostly gone away. Something will take a little bit longer to load or some elements will still go through the can't find, then found cycle. It almost like the DNS cache was wiped and then it had trouble re-populating it.


Log in to reply