pfSense Gold Subscription

Author Topic: DNS Resolver  (Read 67580 times)

0 Members and 1 Guest are viewing this topic.

Offline wagonza

  • Sr. Member
  • ****
  • Posts: 394
  • Karma: +8/-1
    • View Profile
    • The Packet Hub
DNS Resolver
« on: June 19, 2014, 03:07:28 pm »
Hi guys

in 2.2 the DNS forwarder is looking to be replaced and thus DNS Resolver has been added. It does require more testing than what I have and some others have done.
Please could you test it and provide feedback.

Thanks

Offline m3usv0x

  • Jr. Member
  • **
  • Posts: 47
  • Karma: +0/-0
    • View Profile
Re: DNS Resolver
« Reply #1 on: June 21, 2014, 08:01:31 pm »
Settings do not stick under "advanced".
Attempted even checking random radio boxes and saving, same effect.

Offline m3usv0x

  • Jr. Member
  • **
  • Posts: 47
  • Karma: +0/-0
    • View Profile
Re: DNS Resolver
« Reply #2 on: June 23, 2014, 12:15:04 pm »
Getting this for awhile now:
dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such process.

Offline ankaerith

  • Newbie
  • *
  • Posts: 18
  • Karma: +0/-0
    • View Profile
Re: DNS Resolver
« Reply #3 on: June 24, 2014, 12:10:25 am »
Settings do not stick under "advanced".
Attempted even checking random radio boxes and saving, same effect.

For what it is worth, I see the same issue.

Offline mais_um

  • Full Member
  • ***
  • Posts: 238
  • Karma: +4/-0
    • View Profile
Re: DNS Resolver
« Reply #4 on: July 06, 2014, 05:22:51 pm »
Hi

  • Settings does not stick only on advanced, in general settings happens to.
  • I can't create a domain like mycustomdomain.com (10.0.0.50) and www.mycustomdomain.com (10.0.0.50) in Host Overrides, only one works. DNS Forward works OK
  • Can't delete networks when edit one access list.
  • I have a warning on Boot /etc/inc/unbund.inc file don't existe but /etc/inc/unbund.inc exist, i don't know if is a Caps problem Edited: The warning is not for file Unbund.inc is for  unbund.inc no Caps
  • Updating to 5 July from a a week ago seems having problems find some hosts, don't know why. I have to change to DNS Forward to solve this problems. One example i put the pfsense host name on Overrides and fail to resolve, some other works. The only change i make is using Vlans

2.2-ALPHA (amd64) Full with RAM Disks enable.
built on Sat Jul 05 16:00:36 CDT 2014
FreeBSD 10.0-STABLE
« Last Edit: July 09, 2014, 05:59:36 am by mais_um »
pfSense:
ASRock -> Wolfdale1333-D667 (2GB TeamElite Ram)
Marvell 88SA8040 Sata to CF(Sandisk 4GB) Controller
NIC's: RTL8100E (Internal ) and Intel® PRO/1000 PT Dual (Intel 82571GB)

Offline feld

  • Newbie
  • *
  • Posts: 4
  • Karma: +1/-0
    • View Profile
Re: DNS Resolver
« Reply #5 on: July 08, 2014, 08:44:32 pm »
Settings aren't sticking

Can't resolve anything unless I disable forwarders

Disabling forwarders breaks my ability to forward domains to certain servers

Offline athurdent

  • Hero Member
  • *****
  • Posts: 650
  • Karma: +36/-7
  • N00b.
    • View Profile
Re: DNS Resolver
« Reply #6 on: July 17, 2014, 03:07:34 am »
Just tried the latest build:
Code: [Select]
2.2-ALPHA (amd64)
built on Wed Jul 16 09:13:49 CDT 2014

Looks better than before. I disabled forwarding mode since I want unbound to do the DNS lookups itself. It starts and does DNS lookups now. As soon as I set an outgoing interface it does not work anymore. I set it to WAN, which is the test hosts only WAN interface, configured to do DHCP/DHCPv6. Looking at the config file it seems that this interface cannot be found/parsed somehow:

Code: [Select]
# Outgoing interfaces to be used
outgoing-interface:

Offline stompro

  • Full Member
  • ***
  • Posts: 144
  • Karma: +0/-0
    • View Profile
Re: DNS Resolver
« Reply #7 on: July 18, 2014, 07:03:16 pm »
Can someone point me to the reasoning/discussion on why dnsmasq is being replaced?  I've always been happy with it.
Hardware used: Alix 2D13 X 30, FAbiatech FX5620 X 10, Netgate Hamakua-1U.

Offline drclaw

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: DNS Resolver
« Reply #8 on: July 18, 2014, 10:55:15 pm »
It doesn't seem to be picking up the aliases set for a host - creates the original ok, but not the aliases... I tried creating 1-5 for a few of my hosts, none of them work.



FreeBSD pfsense 10.0-STABLE FreeBSD 10.0-STABLE #18 0d8378f(HEAD)-dirty: Mon Jul 14 10:18:35 CDT 2014     root@pf22-amd64-snap:/usr/obj.amd64/usr/pfSensesrc/src/sys/pfSense_SMP.10  amd64

[2.2-ALPHA][admin@pfsense]/etc/unbound(49): unbound -v
[1405742091] unbound[56768:0] notice: Start of unbound 1.4.20.

Offline wagonza

  • Sr. Member
  • ****
  • Posts: 394
  • Karma: +8/-1
    • View Profile
    • The Packet Hub
Re: DNS Resolver
« Reply #9 on: July 19, 2014, 05:52:48 am »
Settings do not stick under "advanced".
Attempted even checking random radio boxes and saving, same effect.

This should be fixed.

Offline wagonza

  • Sr. Member
  • ****
  • Posts: 394
  • Karma: +8/-1
    • View Profile
    • The Packet Hub
Re: DNS Resolver
« Reply #10 on: July 19, 2014, 05:59:27 am »
Hi

  • Settings does not stick only on advanced, in general settings happens to.

This should be fixed.

  • I can't create a domain like mycustomdomain.com (10.0.0.50) and www.mycustomdomain.com (10.0.0.50) in Host Overrides, only one works. DNS Forward works OK

Ok will look into this.

  • Can't delete networks when edit one access list.

Please check latest snapshot.

  • I have a warning on Boot /etc/inc/unbund.inc file don't existe but /etc/inc/unbund.inc exist, i don't know if is a Caps problem Edited: The warning is not for file Unbund.inc is for  unbund.inc no Caps

I dont see this error but check if it happens for you in latest snap.


  • Updating to 5 July from a a week ago seems having problems find some hosts, don't know why. I have to change to DNS Forward to solve this problems. One example i put the pfsense host name on Overrides and fail to resolve, some other works. The only change i make is using Vlans

2.2-ALPHA (amd64) Full with RAM Disks enable.
built on Sat Jul 05 16:00:36 CDT 2014
FreeBSD 10.0-STABLE

Hrmm.. once you make the change and it stops resolving then could please PM me your unbound config file so I can see if anything is missing?

Offline wagonza

  • Sr. Member
  • ****
  • Posts: 394
  • Karma: +8/-1
    • View Profile
    • The Packet Hub
Re: DNS Resolver
« Reply #11 on: July 19, 2014, 05:59:52 am »
Settings aren't sticking

Can't resolve anything unless I disable forwarders

Disabling forwarders breaks my ability to forward domains to certain servers

Still the case in latest snap?

Offline wagonza

  • Sr. Member
  • ****
  • Posts: 394
  • Karma: +8/-1
    • View Profile
    • The Packet Hub
Re: DNS Resolver
« Reply #12 on: July 19, 2014, 06:02:43 am »
Can someone point me to the reasoning/discussion on why dnsmasq is being replaced?  I've always been happy with it.

Well Unbound is now in base of FreeBSD 10.X so it makes it (pfSense) easier to maintain.

Offline mais_um

  • Full Member
  • ***
  • Posts: 238
  • Karma: +4/-0
    • View Profile
Re: DNS Resolver
« Reply #13 on: July 22, 2014, 04:56:03 am »
Hi

2.2-ALPHA (amd64)
built on Tue Jul 22 01:18:23 CDT 2014 (Full)
  • Settings are sticking, i don't test if are working or not.
  • Can delete networks when edit one access list (what access list is for? been there or not is the same thing, some check box to only allow allowed lists? or i need one to reject all networks first?).
  • Hosts seems OK.
  • Host Override works but aliases don't.
  • Only the first domain works on Host Override. If i configure multiple domains to a IP or multiple IPs only the first one seems to work.
  • Not tested yet domain override. I'll.

Edit: My DNS clients take the DNS from General Setup -> DNS Servers (the first-one) and not the pfsense IP. My DNS Servers in system information and in interface are 127.0.0.1 and those in General Setup -> DNS Servers (should have my ISP to from my pppoe connection).

Edit2: For some reason My Ubuntu server 14.04 in VirtualBox doesn't resolve any host or domain said:
Code: [Select]
"xxxxx@BoxHost:/etc$ nslookup
> pfsense
;; reply from unexpected source: 10.0.30.1#53, expected 10.0.0.1#53"
10.0.0.1 is Lan IP (vlan) and 10.0.30.1 is another Vlan where My ubuntu server network are.
« Last Edit: July 22, 2014, 06:19:01 pm by mais_um »
pfSense:
ASRock -> Wolfdale1333-D667 (2GB TeamElite Ram)
Marvell 88SA8040 Sata to CF(Sandisk 4GB) Controller
NIC's: RTL8100E (Internal ) and Intel® PRO/1000 PT Dual (Intel 82571GB)

gonzopancho

  • Guest
Re: DNS Resolver
« Reply #14 on: August 03, 2014, 11:18:50 pm »
Can someone point me to the reasoning/discussion on why dnsmasq is being replaced?  I've always been happy with it.

Well Unbound is now in base of FreeBSD 10.X so it makes it (pfSense) easier to maintain.

and dnsmasq has some really poor failure modes.

and ... dense support is completely missing for dnsmasq