Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    DNS resolving issue

    DHCP and DNS
    2
    3
    644
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      spectre694 last edited by

      I'm running 2.3_1.

      My setup actually has two WAN's (one is disabled for now) When I use my DSL connection pfSense works flawlessly I can browse download watch videos etc.

      If I plug the other WAN [SAT] (same port unplugged DSL first) then only pfSense has internet. I can update install packages on the pfSense box but if I try to browse on any client I get a name cannot be resolved. If I manually set the DNS server on each client PC then browsing works just fine over the second WAN for some reason.

      Setting the DNS servers manually in pfSense did not work (though I may have done that wrong it is my first time using it)

      I can post any logs or anything that you guys might need just let me know.

      1 Reply Last reply Reply Quote 0
      • S
        spectre694 last edited by

        So switching to DNS forwarder instead of the DNS resolver seems to have solved the issue.

        1 Reply Last reply Reply Quote 0
        • johnpoz
          johnpoz LAYER 8 Global Moderator last edited by

          "WAN [SAT]"  So you mean satellite here, its quite possible on a sat connection your latency is so high that trying to actually resolve would be very problematic.  Resolving means walk the tree to get to the authoritative server for the domain.  So say you wanted to look up www.domain.com.  You would first ask roots, hey roots who do I ask for .com, they would point you to those nameservers, you would go ask them hey who do I ask for domain.com, they would give you the ns for that domain, you would then go directly ask one of those ns for the www record.

          Depending on the domain that NS for that domain might be shitty, or long way away anyway.  Having high latency network could cause problems with that.  While when you forward, your just asking a specific name server hey what is IP for www.domain.com, he most likely has it cached and just gives that IP to you directly.

          Its also possible that your ISP blocks access to dns to anything other than their nameservers, this also breaks resolving.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense Plus
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy