Bug #13797
Closed
DNS Resolver stops working
Description
Hi there,
I have been having problems with the DNS Resolver that it just stops working for no reason every now and then. I tried looking if there were any bugs reporting this problem already but could not find anything. I just had it this morning again and restarted the service, which fixed the problem. The issue here is that I have the service watchdog package installed, monitoring also the DNS Resolver, but the service is running, just not working. So the watchdog is unable to fix it.
My system is:
- pfSense Plus 22.05
- My DNS Servers are adguard: 94.140.14.14 and 94.140.15.15 (I had other DNS before, like google's 8.8.8.8 and cloudflare 1.1.1.1 and it had the same problem)
- I have one internet connection, Starlink and is DHCP
I am attaching the DNS log, where I restarted the service at 10:01:00. It was not working before and afterwards it starts working again. And no, I was never able to catch the moment when it stopped working in the log. :-(
Updated by Kris Phillips over 2 years ago
Hello,
There is nothing unusual in the log file provided and there isn't enough information to go on here for a bug report. What, exactly, is "odd" or not working? If you go to Diagnostics --> DNS Lookup, does the unbound DNS resolver at 127.0.0.1 not respond?
I believe that your issue would be best handled by a support ticket with our TAC team, if you have support, or reaching out on our forums, as there isn't enough information to go on here for a bug report.
Recommend this gets marked as Incomplete.
Updated by Fred Brunken over 2 years ago
Hi,
Thanks for your feedback. As for your questions, well...
The symptom is relatively easy to explain. The Network stops working and I just receive a DNS error for anything tried until I restart the DNS resolver. That is the easy part. Everything else is very difficult.
1. I am unable to reproduce it. I was never able to understand why it starts or how to trigger it.
2. I was not able to catch the beginning of it...
This happens on and off since for no particular reason...
Anyway, I installed syslog-ng and I increased the log level to 4. I hope I am able to id this better next time... If you prefer to close this ticket now until I am able to better id next time... Maybe it is fixed with the next pfsense version.
Thanks again
Updated by Fred Brunken over 2 years ago
- File pfsense 291222.zip added
Hi there,
First off, happy new year.
I was able to get a new log file, this time with log level 4. Unfortunately, the log doesn't make sense to me but there are differences from the before and after the DNS Resolver restart. I did the test using sendle.com. Why sendle? Just because I thought it would be something unique I could look for in the log...
Anyway, there is a before and after DNS Resolver restart. The restart happens at exactly 19:53:00. So, I did a couple of requests for sendle.com before, mostly from a browser. And I always got a DNS error. I also did a request from pfsense Diagnostics --> DNS Lookup (which did work). Then, after the restart, which happened at 19:53:00, the request did work from my computer browser.
I hope this provides more information on the problem.
Thanks
Updated by Kris Phillips over 2 years ago
Hello Fred,
Reviewing your logs, it appears that there is a "no route to host" message popping up when this happens.
Here is the relevant log entry (there are several):
Dec 29 19:51:53 localhost unbound89874: [89874:0] notice: send failed: No route to host
Do you have your DNS forced out a certain gateway or something under System --> General Setup? Also, is your DNS Resolver operating in root or forwarding mode?
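An added example (not part of the ticket and not pfSense's own tooling): a Python scan of an exported resolver log for the "send failed" notices quoted above, reporting when they first and last appear and for which reason. Every sample line after the first is constructed, and the function names are hypothetical.

```python
import re
from collections import Counter
from datetime import datetime

# The PID may appear as "unbound[89874]:" or, as in the line quoted in this
# thread, "unbound89874:"; accept both forms.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ unbound\[?\d+\]?: "
    r"\[\d+:\d+\] (?P<level>\w+): (?P<msg>.*)$"
)
SEND_FAIL_RE = re.compile(r"^send failed: (?P<reason>.+)$")


def find_send_failures(lines):
    """Return (timestamp, reason) for every 'send failed' message."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        fail = SEND_FAIL_RE.match(m.group("msg")) if m else None
        if fail:
            # Syslog timestamps carry no year; a fixed leap year (an
            # assumption of this example) keeps Feb 29 parseable.
            ts = datetime.strptime("2000 " + m.group("ts"), "%Y %b %d %H:%M:%S")
            hits.append((ts, fail.group("reason")))
    return hits


def summarize(hits):
    """Count failures per reason and give the first and last occurrence."""
    if not hits:
        return None
    times = sorted(ts for ts, _ in hits)
    return {
        "first": times[0].strftime("%b %d %H:%M:%S"),
        "last": times[-1].strftime("%b %d %H:%M:%S"),
        "by_reason": dict(Counter(reason for _, reason in hits)),
    }


# First line is the entry quoted in the thread; the others are constructed.
SAMPLE = """\
Dec 29 19:51:53 localhost unbound89874: [89874:0] notice: send failed: No route to host
Dec 29 19:51:54 localhost unbound[89874]: [89874:1] notice: send failed: No route to host
Dec 29 19:52:10 localhost unbound[89874]: [89874:0] info: resolving sendle.com. A IN
Dec 29 19:53:00 localhost unbound[91200]: [91200:0] notice: init module 0: iterator
""".splitlines()

if __name__ == "__main__":
    print(summarize(find_send_failures(SAMPLE)))
```

Run over a full log, the "first" timestamp marks the onset that was hard to catch by watching live.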
Updated by Fred Brunken over 2 years ago
Hi,
That may be it. So, no fault but a bad config. Thanks and sorry if I opened a ticket for a user mistake.
Ok, I have 2 WAN connections that I use for load balance. On System --> General Setup, I had the 2 DNS IPs with Gateway = none, which I expected to work on a load balance mode. Now I have put one DNS IP for one GW and the other one on the other GW. I suppose this should resolve the problem.
And DNS Resolver is not configured in forwarding mode. I suppose the opposite of forwarding mode is root?
Anyway, how can I close this ticket?
Thanks and sorry I had you wasting your time.