Text only | Text with Images

OPNsense Forum

Archive => 15.1 Legacy Series => Topic started by: reep on May 15, 2015, 10:30:54 PM

Title: [SOLVED] DNS not working
Post by: reep on May 15, 2015, 10:30:54 PM
Hmmm..... bit of a head scratch going on here with DNS failure

I have a static IP for my LAN connection on  192.168.10.251

WAN1 is a DHCP connection

The first time I set up the box DNS resolved and I applied the updates.

I decided to use the OpenDNS server addresses and added them under System Settings general (It seems you can only add one DNS server in the box per WAN connection which is a bit odd)

root@OPNsense:~ # cat /etc/resolv.conf
domain mydomain.net
nameserver 127.0.0.1
nameserver 208.67.222.222
nameserver 208.67.220.220

I enabled DNS Forwarder and left all the settings at default with Interfaces set to 'all'

If I try and ping a domain name from the command line I get

root@OPNsense:~ # ping www.demon.net
ping: cannot resolve www.demon.net: Host name lookup failure

If I ping by IP it work so it seems to be a resolution failure :

root@OPNsense:~ # ping 162.13.61.33
PING 162.13.61.33 (162.13.61.33): 56 data bytes
64 bytes from 162.13.61.33: icmp_seq=0 ttl=51 time=42.691 ms
64 bytes from 162.13.61.33: icmp_seq=1 ttl=51 time=53.306 ms


Any ideas on what I have messed up ?

B. Rgds
John
Title: Re: DNS not working
Post by: franco on May 15, 2015, 10:52:28 PM
As a first thought double-check https://opnsense.box/system_general.php -> DNS Server settings should have no DNS server entries, "allow DNS to be overridden" set, "Do not use the DNS Forwarder" unset

You can also try https://opnsense.box/system_advanced_admin.php -> trigger "Disable DNS Rebinding Checks"


Cheers,
Franco
Title: Re: DNS not working
Post by: reep on May 16, 2015, 12:31:05 AM
Hi Franco, and thanks.

Sure I have just done something dumb... :-)

Quote from: franco on May 15, 2015, 10:52:28 PM
As a first thought double-check https://opnsense.box/system_general.php -> DNS Server settings should have no DNS server entries, "allow DNS to be overridden" set, "Do not use the DNS Forwarder" unset


So in simple terms how can you override WAN assigned DNS settings (assuming they are set) ?

I presumed I would enable the DNS Forwarder, and add the DNS servers in system_general and that should be about it ?

In DNS Forwarder it says :

"The DNS forwarder will use the DNS servers entered in System: General setup or those obtained via DHCP or PPP on WAN if the "Allow DNS server list to be overridden by DHCP/PPP on WAN" is checked. If you don't use that option (or if you use a static IP address on WAN), you must manually specify at least one DNS server on the System: General setup page."

Sorry - it may seem obvious if you know, but to an idiot like me..... :-)

Quote
You can also try https://opnsense.box/system_advanced_admin.php -> trigger "Disable DNS Rebinding Checks"

I'll give this a try too.

B. Rgds
John
Title: Re: DNS not working
Post by: reep on May 16, 2015, 12:57:37 AM
As an addendum I disabled DNS Forwarder, left the DNS Servers in system general with one IP assigned to each WAN interface, rebooted and it partially worked

On further testing it seems like my backup WAN connection that I was using to test with is possibly blocking DNS queries or somesuch - need to investigate more.

I swapped to using one of my other normal lines and it worked OK. Will test the forwarding later.
Text only | Text with Images