My firewall has stopped being able to resolve any external hostnames. I am using Cloudflare DNS in General -> Settings, with "Do not use the local DNS service as a nameserver for this system" enabled.
Clients on the network can resolve hostnames via 1.1.1.1.
From the firewall:
* Pinging 1.1.1.1 works.
* Interfaces -> Diagnostics -> DNS Lookup
Hostname: google.com
Server: <empty>
Error: error sending query: Error creating socket
Hostname: google.com
Server: 1.1.1.1
Error: error sending query: Error creating socket
* host command fails
$ host google.com
;; connection timed out; no servers could be reached
* drill command fails
$ drill google.com
Error: error sending query: Error creating socket
$ drill google.com @1.1.1.1
Error: error sending query: Error creating socket
* Unbound DNS log:
2025-03-19T17:28:43 Notice unbound [25205:1] notice: remote address is 1.1.1.1 port 53
2025-03-19T17:28:43 Notice unbound [25205:1] notice: send failed: No buffer space available
This is on OPNsense 24.7.1. I can't update to a newer version... because DNS is broken.
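The two Unbound notices quoted above only make sense as a pair: the first names the upstream being queried, the second reports the send error from the same worker thread. The following is an added example (not from the post or from OPNsense) that correlates them over a log in that format; the 1.0.0.1 line in the sample is constructed to stand for a query that did not fail.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the Unbound log quoted above; the 1.1.1.1
# lines are from the post, the 1.0.0.1 line is added as a query that did not fail.
SAMPLE_LOG = """\
2025-03-19T17:28:43 Notice unbound [25205:1] notice: remote address is 1.1.1.1 port 53
2025-03-19T17:28:43 Notice unbound [25205:1] notice: send failed: No buffer space available
2025-03-19T17:28:44 Notice unbound [25205:2] notice: remote address is 1.0.0.1 port 53
2025-03-19T17:28:45 Notice unbound [25205:1] notice: remote address is 1.1.1.1 port 53
2025-03-19T17:28:45 Notice unbound [25205:1] notice: send failed: No buffer space available
"""

# Assumed layout: <timestamp> <level> unbound [<pid>:<thread>] <level>: <message>
LINE_RE = re.compile(r"^(?P<ts>\S+)\s+\S+\s+unbound\s+\[\d+:(?P<thread>\d+)\]\s+\w+:\s+(?P<msg>.*)$")
REMOTE_RE = re.compile(r"^remote address is (?P<addr>\S+) port (?P<port>\d+)$")
SEND_FAILED_RE = re.compile(r"^send failed: (?P<reason>.+)$")

def correlate_send_failures(log_text):
    """Pair each 'send failed' notice with the latest 'remote address' notice
    from the same unbound thread, so the failure is tied to its upstream."""
    last_remote = {}  # thread id -> "addr:port" of the upstream being queried
    failures = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an unbound line in the expected format
        thread, msg = m.group("thread"), m.group("msg")
        r = REMOTE_RE.match(msg)
        if r:
            last_remote[thread] = f"{r.group('addr')}:{r.group('port')}"
            continue
        f = SEND_FAILED_RE.match(msg)
        if f:
            failures.append({"time": m.group("ts"), "thread": thread,
                             "upstream": last_remote.get(thread, "unknown"),
                             "reason": f.group("reason")})
    return failures

def summarize(failures):
    """Count failures per (upstream, reason). The same OS-level reason against
    every upstream points at the local socket layer, not at one resolver."""
    counts = defaultdict(int)
    for f in failures:
        counts[(f["upstream"], f["reason"])] += 1
    return dict(counts)
```

Run it against the full Unbound log export to see whether the send failures cluster on one upstream or hit all of them, which is the distinction the thread is trying to make.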
Do you have a valid IPv4 address and a default gateway on WAN?
Yes, the firewall has a WAN IP address and it can ping public IPs. Clients on the network can also connect to 1.1.1.1 directly without issue and resolve hostnames. It is only the firewall that fails to resolve any external DNS.