DNS Issue



  • Hey Guys,

    I have been having this problem for months and it is driving me crazy. I could really use some assistance in tracking down the cause.

    All of a sudden, DNS resolution cannot happen. I had this problem when I was using DNS Forwarder, and it still continues after I've upgraded versions and switched to using DNS Resolver.

    This morning it happened again, 3rd day in a row.

    http://imgur.com/a/Gl7rt

    Even PFSense cannot resolve addresses either.

    I have internet access, as I usually always RDP into my home PC from work, and will reboot PFSense to resolve the issue.

    Any ideas on where I could start looking?


  • LAYER 8 Global Moderator

    If pfsense cannot resolve, then it seems like the resolver, unbound, stopped. Do you have anything in the pfsense logs?

    What is the error you get when you try to resolve in pfsense, or when you try to do a query to the pfsense IP for DNS using your favorite tool like nslookup, dig, drill or host, etc.?

    Do you get an answer of NX for that query, or does it just time out completely trying to talk to unbound on pfsense? My guess is unbound just died for whatever reason. Look in the logs, and instead of rebooting pfsense, restart unbound, etc.



  • Something worse than resolver not functioning is happening there. It's not even set to use 127.0.0.1 in resolv.conf from the screenshot. None of the configured DNS servers respond when directly queried. Seems like you're probably losing Internet connectivity entirely.



  • @cmb:

    Something worse than resolver not functioning is happening there. It's not even set to use 127.0.0.1 in resolv.conf from the screenshot. None of the configured DNS servers respond when directly queried. Seems like you're probably losing Internet connectivity entirely.

    I am definitely not losing internet, as I mentioned I am actually connected to my Desktop PC through RDP while at work when having these issues.



  • @johnpoz:

    If pfsense cannot resolve, then it seems like the resolver, unbound, stopped. Do you have anything in the pfsense logs?

    What is the error you get when you try to resolve in pfsense, or when you try to do a query to the pfsense IP for DNS using your favorite tool like nslookup, dig, drill or host, etc.?

    Do you get an answer of NX for that query, or does it just time out completely trying to talk to unbound on pfsense? My guess is unbound just died for whatever reason. Look in the logs, and instead of rebooting pfsense, restart unbound, etc.

    I wasn't really sure where or what I should be looking for in the logs. I'll do some nslookups the next time that I have this issue. Is there a specific log section that I should go to next time to cut and paste into here for you guys?


  • LAYER 8 Global Moderator

    Well, look in your resolver section if that is what you're using. But from your screenshot you're not using the resolver; you're not even pointing pfsense to itself to look up any of its records.

    When you have the issue, have your client do an nslookup to a public DNS like 8.8.8.8 or something. Does that work? If not, then no, having it point to 8.8.8.8 isn't going to work either.



  • @johnpoz:

    Well, look in your resolver section if that is what you're using. But from your screenshot you're not using the resolver; you're not even pointing pfsense to itself to look up any of its records.

    When you have the issue, have your client do an nslookup to a public DNS like 8.8.8.8 or something. Does that work? If not, then no, having it point to 8.8.8.8 isn't going to work either.

    Thank you!

    I've made changes to my DNS to ensure that the Resolver is first.


  • LAYER 8 Global Moderator

    So you're now only using the resolver, in resolver mode?

    Has that made your DNS issues go away? Since the resolver walks down from the roots and doesn't ask any other recursive servers for anything. Just roots to authoritative servers for the domain you have a record you're looking for.

    Pfsense has no need for anything other than pointing to itself to resolve anything.
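
The checks suggested in the replies above (query the pfSense address directly, query a public resolver such as 8.8.8.8, and tell a timeout from an NXDOMAIN answer), written out as an added example that is not part of the original thread. The function names, the `192.168.1.1` firewall address in the usage comment, and the sample `dig` output are constructed for illustration.

```sh
#!/bin/sh
# Added example: tell "resolver answered" from "no reply at all", for the
# firewall address and for a public resolver, as the replies ask.

# classify_dig_output: read dig output on stdin, print one status word.
classify_dig_output() {
    awk '
        /no servers could be reached|timed out/ { t = 1 }
        /->>HEADER<<-/ { for (i = 1; i < NF; i++) if ($i == "status:") { s = $(i + 1); sub(/,/, "", s) } }
        /^;; flags:/   { for (i = 1; i < NF; i++) if ($i == "ANSWER:") n = $(i + 1) + 0 }
        END {
            if (s == "NOERROR") print (n > 0 ? "ANSWER" : "NODATA")
            else if (s != "")   print s
            else if (t)         print "TIMEOUT"
            else                print "UNKNOWN"
        }'
}

# interpret LOCAL PUBLIC: map the two statuses to the thread's conclusions.
interpret() {
    case "$1/$2" in
        TIMEOUT/TIMEOUT)   echo "no DNS reply from firewall or public server: pointing at 8.8.8.8 will not help" ;;
        TIMEOUT/*)         echo "firewall resolver not answering: check the resolver log and restart unbound" ;;
        NXDOMAIN/*)        echo "resolver is running: the name does not exist" ;;
        ANSWER/*|NODATA/*) echo "resolver is answering" ;;
        *)                 echo "resolver returned $1: check the resolver log" ;;
    esac
}

# check_dns FIREWALL_IP NAME: live check (needs dig and network access),
# e.g. check_dns 192.168.1.1 example.com  (address is an assumed placeholder).
check_dns() {
    local_status=$(dig "@$1" "$2" A +time=2 +tries=1 2>&1 | classify_dig_output)
    public_status=$(dig @8.8.8.8 "$2" A +time=2 +tries=1 2>&1 | classify_dig_output)
    echo "firewall=$local_status public=$public_status"
    interpret "$local_status" "$public_status"
}

# Constructed sample dig output (not captured from the poster's system).
SAMPLE_TIMEOUT=';; connection timed out; no servers could be reached'
SAMPLE_NXDOMAIN=';; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1'
SAMPLE_ANSWER=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4243
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
```

Running `check_dns` while the problem is happening, before rebooting, records which of the cases discussed in the thread applies.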

