Author Topic: DNS not resolving (Read 1761 times)

privateer · « **on:** April 30, 2018, 07:13:01 pm »

Hello,
after something that i don't know happened the dns server on my firewall it's not resolving anymore.
atthached the screenshot of my setup.

if i query a dns lookup from a client (DHCP gives the firewall ip ad first dns to the clients) i got a time out, what am i missing?

Andrea

phoenix · « **Reply #1 on:** April 30, 2018, 07:27:49 pm »

I'd suggest you remove the localhost IP from the first entry, if you actually have a DNS server running on the firewall LAN IP then change it to that.

privateer · « **Reply #2 on:** April 30, 2018, 07:41:11 pm »

Quote from: phoenix on April 30, 2018, 07:27:49 pm

I'd suggest you remove the localhost IP from the first entry, if you actually have a DNS server running on the firewall LAN IP then change it to that.

uh, i forgot to delete it, that was one of the many things i tried...

privateer · « **Reply #3 on:** May 02, 2018, 03:40:12 pm »

Quote from: phoenix on April 30, 2018, 07:27:49 pm

I'd suggest you remove the localhost IP from the first entry, if you actually have a DNS server running on the firewall LAN IP then change it to that.

nothing changed after this try...

Animosity022 · « **Reply #4 on:** May 02, 2018, 03:57:25 pm »

What's the client you are running to test?

Can you share the ipconfig or /etc/resolv.conf to see if it's puling the right DNS?

If you check your Unbound -> Access Lists, are you seeing the right networks in there?

Do you have a firewall rule to allow all LAN traffic?

privateer · « **Reply #5 on:** May 15, 2018, 11:51:42 am »

i had to rebuild the firewall since i believe the configuration was completely f**ked.
now Unbound dns is working but if i check the option "Register DHCP leases in the DNS Resolver" the service stops. to start it again i have to unchek the flag.
in the and log there are this errors:

May 15 11:49:56 unbound: [97525:0] fatal error: Could not set up local zones
May 15 11:49:56 unbound: [97525:0] error: Bad local-data RR .tortuga.local IN A 192.168.0.100

but i don't really know what they mean...

franco · « **Reply #6 on:** May 15, 2018, 07:43:41 pm »

Looks like there is a device in your network that advertises an empty hostname.

privateer · « **Reply #7 on:** May 16, 2018, 11:48:00 am »

as long i can remember maybe there's a client without hostname which actually has an ip given by the dhcp.
and the ip 192.168.0.100 is free...

hutiucip · « **Reply #8 on:** May 16, 2018, 11:50:32 am »

It might be nothing, but did you see the space after RR in "...RR .tortuga.local..."? I guess the FQDN should be RR.tortuga.local (without the space)?!... Or is RR short for Round Robin?!... $:-\$

privateer · « **Reply #9 on:** May 16, 2018, 12:20:11 pm »

"RR" is not something i wrote anywhere, it comes from opnsense (intended as "from the service")

Author Topic: DNS not resolving (Read 1761 times)

privateer

DNS not resolving

phoenix

Re: DNS not resolving

privateer

Re: DNS not resolving

privateer

Re: DNS not resolving

Animosity022

Re: DNS not resolving

privateer

Re: DNS not resolving

franco

Re: DNS not resolving

privateer

Re: DNS not resolving

hutiucip

Re: DNS not resolving

privateer

Re: DNS not resolving