DNS issues with 2 nested PFSense machines.



  • Ok. I had a strange problem. I was helping a friend set up a PFsense box and I figured I could just plug the WAN of his box into my LAN to get updates and packages.

    Well, everything internet related was extremely slow to respond and mostly failed. I went to DNS diagnostics and after a long wait it appeared only IPv6 was resolving.

    He has a base install, and none of the machines on my network have DNS issues. Is there something going on because of the double NAT? Or the fact that both NATs have the same DHCP address space?

    I know it's not ideal but I need a way to configure PFSense machines inside my network.

    Thanks.



  • If you have WAN set to be assigned by DHCP and your friend's LAN has a DHCP server, then it should just work.  If you have to manually configure then it's just a matter of using the parameters of his LAN for your WAN configuration.



  • Yep, both were automatic. My friend's PFSense properly received an IP. It also properly issued an IP to my laptop. Both DHCP use the 192.168.1.0/24 space. But this shouldn't matter as NAT should still be working.


  • LAYER 8 Global Moderator

    So your LAN was 192.168.1.0/24 and his WAN would have gotten 192.168.1.x and his LAN was also 192.168.1.0/24 – yeah, that's going to be a problem.



  • Ok. If that's the answer I'll set up using something different. Perhaps I can VLAN that port for a less used DHCP space.



  • IMHO, have your friend set his LAN range to something like 10.0.1.0/24 to avoid the whole issue. I always get off of 192.168.0.0/16 entirely and go to a 10.0.0.0/8 range instead to avoid these issues. Too many networking devices default to 192.168.0.0/24 or 192.168.1.0/24 that you'll eventually get hit with this conflict (like trying to VPN into your pfsense LAN from a hotel and realizing that you can't because of the subnet conflict).
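
The conflict discussed in this thread, as an added example (not code from any poster or from pfSense): a pre-deployment check that flags a nested router whose WAN and LAN subnets overlap, and picks a free /24 from 10.0.0.0/8. The function names and the upstream DNS address 192.168.1.1 are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values matching the thread: both routers hand out 192.168.1.0/24.
UPSTREAM_LAN = "192.168.1.0/24"   # outer router's LAN, i.e. the nested box's WAN side
NESTED_LAN = "192.168.1.0/24"     # nested router's own LAN
UPSTREAM_DNS = "192.168.1.1"      # assumed: DNS server handed out by the outer DHCP


def find_conflicts(wan_net, lan_net, dns_ip=None):
    """Return a list of problems between a nested router's WAN and LAN subnets."""
    wan = ipaddress.ip_network(wan_net, strict=False)
    lan = ipaddress.ip_network(lan_net, strict=False)
    problems = []
    if wan.overlaps(lan):
        # Two connected routes cover the same addresses, so the router cannot
        # tell which interface a given 192.168.1.x host lives on.
        problems.append(f"WAN {wan} overlaps LAN {lan}")
    if dns_ip and ipaddress.ip_address(dns_ip) in lan:
        # The resolver the WAN depends on looks like a LAN-side host.
        problems.append(f"upstream DNS {dns_ip} falls inside LAN {lan}")
    return problems


def suggest_lan(in_use, pool="10.0.0.0/8", prefix=24):
    """Return the first /prefix subnet of pool that overlaps nothing in in_use."""
    used = [ipaddress.ip_network(n, strict=False) for n in in_use]
    for candidate in ipaddress.ip_network(pool).subnets(new_prefix=prefix):
        if not any(candidate.overlaps(u) for u in used):
            return str(candidate)
    return None  # pool exhausted


if __name__ == "__main__":
    for problem in find_conflicts(UPSTREAM_LAN, NESTED_LAN, UPSTREAM_DNS):
        print("CONFLICT:", problem)
    # Treat 10.0.0.0/24 as already taken (constructed) to show the search skipping it.
    print("Suggested nested LAN:", suggest_lan([UPSTREAM_LAN, "10.0.0.0/24"]))
```
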

