Netgate Discussion Forum

(Solved) Multiwan (failover) DNS not working

DHCP and DNS
5 Posts 3 Posters 3.2k Views
    getut
    Feb 17, 2016, 3:49 PM (last edited Feb 19, 2016, 7:19 PM)

    I need some help with a multi-wan configuration. It is DSL primary and 4G as failover. I'm having trouble with the 4G modem staying up, but something has happened and now I can't get DNS resolution at all.

    I can ping 8.8.8.8 both from the pfSense VM command line as well as a client VM connected to the LAN side interface. But no DNS resolution works at the pfSense itself or from the client. I can point the client DIRECTLY to OpenDNS servers and it works and can browse the internet, but if I point it at the pfSense forwarder it fails. The forwarding service is running.

    I have DNS servers entered for both WAN gateways.

    Any ideas or help?

      getut
      last edited by Feb 17, 2016, 4:02 PM

      Well, I found out some additional information. It is related to the multi-WAN, but it just stopped working. I didn't make any changes.

      If I disable the WANB interface, I get DNS resolution. When I turn WANB back on again, I can resolve for a couple seconds then it starts failing again… don't think it is caching because I try to resolve new sites and it works for 10-30 seconds with newly resolved sites before starting to fail again. Then when it starts failing I get 4 fails in a row (2 servers configured, each with 2 different gateways).

        getut
        last edited by Feb 19, 2016, 7:18 PM

        Solved… Hopefully this helps someone else using MultiWAN in the future.

        When I set up my DNS, I followed the instructions about setting up DNS for each gateway. I use OpenDNS and when I set this up, I set it as follows and it didn't work:

        208.67.222.222 on WANA
        208.67.220.220 on WANA
        208.67.222.222 on WANB
        208.67.222.222 on WANB

        Long story short, you can't use the same DNS servers on each WAN. Behind the scenes, the system sets a static route for each DNS server using its assigned gateway.

        The reason that I was seeing what I was seeing was due to the first two DNS routes being set, then immediately overwritten by the last 2. So when I was in a state where both gateways were started and operational my DNS was attempting to be routed over the disabled gateway. If I brought down the secondary interface the routing for the DNS on that gateway was removed and the primary routes worked.

          cmb
          last edited by Feb 20, 2016, 9:53 AM

          Yeah that's not a valid config. I added input validation so that can't be configured.
          https://redmine.pfsense.org/issues/5915

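The route overwrite getut describes and the kind of duplicate check cmb mentions, as an added example that is not part of the thread and not pfSense's own code. It assumes one host route per DNS server with the later entry replacing the earlier one; the function names and both sample configurations are constructed for illustration.

```python
# Added example (not pfSense code): model of one static host route per DNS server.

def find_conflicts(assignments):
    """Return {dns_server: [gateways]} for servers assigned to more than one gateway."""
    seen = {}
    for server, gateway in assignments:
        gateways = seen.setdefault(server, [])
        if gateway not in gateways:
            gateways.append(gateway)
    return {s: g for s, g in seen.items() if len(g) > 1}

def build_routes(assignments, enabled):
    """Install one host route per server; a later entry replaces an earlier one.
    Assumption of this model: entries for a disabled interface install no route."""
    routes = {}
    for server, gateway in assignments:
        if gateway in enabled:
            routes[server] = gateway
    return routes

def reachable_servers(routes, passing):
    """Servers whose route points at a gateway that is actually passing traffic."""
    return sorted(s for s, gw in routes.items() if gw in passing)

# Constructed sample: the same two resolvers assigned to both gateways,
# which is the situation the post describes.
BROKEN = [
    ("208.67.222.222", "WANA"), ("208.67.220.220", "WANA"),
    ("208.67.222.222", "WANB"), ("208.67.220.220", "WANB"),
]
# Constructed sample: a different resolver pair on the failover gateway.
FIXED = [
    ("208.67.222.222", "WANA"), ("208.67.220.220", "WANA"),
    ("8.8.8.8", "WANB"), ("8.8.4.4", "WANB"),
]

if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, "conflicts:", find_conflicts(cfg))
        # Both interfaces enabled, but only WANA is passing traffic (flaky 4G link).
        routes = build_routes(cfg, enabled={"WANA", "WANB"})
        print(name, "routes:", routes)
        print(name, "reachable:", reachable_servers(routes, passing={"WANA"}))
```
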
            kapara
            last edited by Aug 3, 2016, 6:49 PM

            I ran into the same issue, but no matter if I had different DNS addresses I still could not connect on the secondary WAN of failover. Disabling DNS resolver and enabling DNS forwarder solved the problem for me.
