Bug #13693

closed

Private domain in resolver custom options randomly breaks resolution for that domain

Added by Ryan Goodfellow over 2 years ago. Updated over 2 years ago.

Status: Rejected
Priority: Normal
Assignee: -
Category: DNS Resolver
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Release Notes: Default
Affected Plus Version: 22.05
Affected Architecture: 4100

Description

I have the following "custom options" configuration in my DNS resolver settings to allow DNS over OpenVPN to work properly.

server:
    private-domain: "eng.oxide.computer"

About once a week, the PfSense+ resolver just stops resolving anything under the domain oxide.computer. Making a note for myself that this happened on Nov 23 at approximately 10:35 AM.

I have looked at the general system logs and the DNS Resolver logs and do not see anything happening with the resolver around this time. The DNS Resolver does not even have a log entry for the entire day on Nov 23rd.

Resolving other names, such as google.com, works fine. It's just names under the oxide.computer domain that fail to resolve.

ry@rymb:~$ ping google.com
PING google.com (142.251.214.142): 56 data bytes
64 bytes from 142.251.214.142: icmp_seq=0 ttl=57 time=20.139 ms
64 bytes from 142.251.214.142: icmp_seq=1 ttl=57 time=19.795 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 19.795/19.967/20.139/0.172 ms

ry@rymb:~$ ping oxide.computer
ping: cannot resolve oxide.computer: Unknown host

ry@rymb:~$ dig oxide.computer

; <<>> DiG 9.10.6 <<>> oxide.computer
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4996
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;oxide.computer.            IN    A

;; Query time: 89 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Nov 23 10:36:52 PST 2022
;; MSG SIZE  rcvd: 43

If I make no changes to the resolver config and click save/apply-changes on the services_unbound.php page, the resolver starts working again for names under the oxide.computer domain.

I'm running PfSense+ on a Netgate 4100.

22.05-RELEASE (amd64)
built on Wed Jun 22 18:56:13 UTC 2022
FreeBSD 12.3-STABLE

#1

Updated by Jim Pingle over 2 years ago

  • Status changed from New to Rejected

There isn't nearly enough here to suggest it's actually a bug or anything actionable on our part -- This site is not for support or diagnostic discussion.

For assistance in solving problems, please post on the Netgate Forum.

See Reporting Issues with pfSense Software for more information.
