Topic: DNS does not work if "default" interface is down

dims
« on: April 29, 2017, 07:23:12 am »
I have 3 WANs configured:



They are all load balancing



Unfortunately, once the "default" interface is down, DNS doesn't work anymore. I can still access sites by IP, but DNS is not available.

This is probably because of DNS forwarder, which is resolving DNS only via default interface.

How to fix this?

johnpoz
« Reply #1 on: April 29, 2017, 08:15:36 am »
Use the resolver and have it use 1 or all of the interfaces you would like it to be able to use.

jimp
« Reply #2 on: May 01, 2017, 09:10:02 am »
If you are using the forwarder, or the resolver in forwarding mode, go to System > General Setup, and set up one DNS server for each WAN. So the first DNS server would use the gateway for the first WAN, the second would use the gateway for the second WAN, and so on.

If you are using the resolver in non-forwarding mode, then activate default gateway switching from System > Advanced, Misc.

dims
« Reply #3 on: January 02, 2018, 05:37:18 am »
How can I set DNS for each WAN? It should be set by DHCP. I just don't know which DNS is for which WAN!

Of course, I know 8.8.8.8 and 8.8.4.4, but these are only 2, while I need 3.

rudger_wolvram
« Reply #4 on: January 03, 2018, 01:02:04 pm »
I'm using the forwarder and have mine set up this way (I also have IPv6 set up) and was having the same problem until I added the last 2 entries.
Under System/General Setup on the DNS server settings I have 6 entries.

2001:4860:4860::8888   WAN_DHCP6   (Google IPv6)
2001:4860:4860::8844   WAN_DHCP6   (Google IPv6)
208.67.222.222         WAN1_DHCP   (OpenDNS)
208.67.220.220         WAN1_DHCP   (OpenDNS)
8.8.8.8                WAN2_DHCP   (Google)
8.8.4.4                WAN2_DHCP   (Google)

If I fail over to WAN2, it will use those two Google DNS servers; if I am running normally, it uses OpenDNS.

Note, I don't know if I can have duplicate DNS server IPs with different interfaces. I've never tried.
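
The per-WAN DNS mapping discussed in this thread can be checked before an outage happens. The following is an added example, not code from any poster or from pfSense: it simulates the loss of each gateway and lists which DNS servers remain. The gateway name WAN3_DHCP, the BEFORE/AFTER data and the function name are constructed, and the code assumes a DNS server listed with a gateway is reachable only through that gateway.

```python
# Added example (not from the thread): audit a per-gateway DNS mapping of the
# kind entered under System > General Setup. Sample data is constructed.
from collections import defaultdict

def audit_dns_mapping(entries, gateways):
    """entries: list of (dns_server_ip, gateway_name); gateways: all WAN gateways.

    Returns a dict with:
      uncovered  - gateways that have no DNS server bound to them
      duplicates - server IPs listed more than once (assumption: each server
                   IP is routed through exactly one gateway)
      survivors  - for each single-gateway outage, the servers still reachable
    """
    by_gw = defaultdict(list)
    seen = defaultdict(int)
    for server, gw in entries:
        by_gw[gw].append(server)
        seen[server] += 1

    uncovered = sorted(gw for gw in gateways if not by_gw.get(gw))
    duplicates = sorted(ip for ip, n in seen.items() if n > 1)
    survivors = {}
    for down in gateways:
        # Assumption: servers bound to the failed gateway become unreachable.
        survivors[down] = sorted(
            s for gw in gateways if gw != down for s in by_gw.get(gw, [])
        )
    return {"uncovered": uncovered, "duplicates": duplicates, "survivors": survivors}

# Constructed input modelled on the original question: three WANs, but every
# DNS server is reachable only through the first ("default") gateway.
GATEWAYS = ["WAN1_DHCP", "WAN2_DHCP", "WAN3_DHCP"]
BEFORE = [("8.8.8.8", "WAN1_DHCP"), ("8.8.4.4", "WAN1_DHCP")]
# Constructed input with one server per WAN, as recommended in reply #2.
AFTER = [("208.67.222.222", "WAN1_DHCP"), ("8.8.8.8", "WAN2_DHCP"),
         ("8.8.4.4", "WAN3_DHCP")]

if __name__ == "__main__":
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        result = audit_dns_mapping(cfg, GATEWAYS)
        print(label, "uncovered:", result["uncovered"])
        for down, left in result["survivors"].items():
            status = ", ".join(left) if left else "NO DNS"
            print(f"  {down} down -> {status}")
```

Any gateway reported as uncovered, or any outage that leaves an empty survivor list, reproduces the symptom in the first post: traffic by IP still flows but name resolution stops.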