OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: Julien on October 02, 2017, 12:44:41 pm

Title: DNS forwarder issue appear to be load balancing after update
Post by: Julien on October 02, 2017, 12:44:41 pm

Hi guys
after updating the opnsense laste day I can't seem to browse to the internet.
I can ping 8.8.8.8 but not www.google.com

when I nslookup domains its does resolve with the ip.
is this a firewall issue?

Can someone please point me to the right directions ?

Thank you so much

Title: Re: DNS forwarder issue
Post by: Ciprian on October 02, 2017, 01:31:04 pm

First thing, check if it's a matter of DNSSEC in Unbound DNS:

1. Disable "Harden DNSSEC data", then check DNS resolving.

(and if not)
2. Disable DNSSEC completely, then check again DNS resolving.

Let us know it it worked. :)

Title: Re: DNS forwarder issue
Post by: Julien on October 02, 2017, 01:38:24 pm

Quote from: hutiucip on October 02, 2017, 01:31:04 pm

First thing, check if it's a matter of DNSSEC in Unbound DNS:

1. Disable "Harden DNSSEC data", then check DNS resolving.

(and if not)
2. Disable DNSSEC completely, then check again DNS resolving.

Let us know it it worked. :)

Thank you for your quick answers.
where can I find those info ? on the LAN ? Services?
thank you

Title: Re: DNS forwarder issue
Post by: Ciprian on October 02, 2017, 01:45:53 pm

Quote from: Julien on October 02, 2017, 01:38:24 pm

where can I find those info ? on the LAN ? Services?
thank you

Harden DNSSEC data: Services -> Unbound DNS -> Advanced

Enable DNSSEC Support: Services -> Unbound DNS -> General

Quote

Thank you for your quick answers.

It was only a coincidence, I just logged in for the first time this week, and clicked "Show unread posts since last visit." You're welcome! :)

Title: Re: DNS forwarder issue
Post by: Julien on October 02, 2017, 02:21:16 pm

Thank you for your answer,
the issue appear to be a loadbalancing issue.
we have a load balancing the idea is tier 1 is the main connection and when tier 1 is down tier 2 takes over.
today was tier 2 down and the all the connections was down.
this configuration has been configure 2 years ago and its been working fine until last dat we updated the firewall

Do we have to applied the DNS rules on each VLAN interface? or on the LAN is enough? on the below configuration steps 5
https://docs.opnsense.org/manual/how-tos/multiwan.html

Title: Re: DNS forwarder issue appear to be load balancing after update
Post by: Julien on October 03, 2017, 11:30:45 am

any suggestions guys here?

below screenshots is the rules of the LAN for the LOADbalancing.
we have created those rules on the LAN.
VLANS 10/2/3/4/5/6 are member of the LAN physical NIC,do we have to create this on each VLANS interface ?
the Loadbalancing is working but when we remove the secondary WAN the internet remain working, but when we remove the WAN1 internet goes down. I remember having this issue 2 years ago and Josschilve has helped.

please see below screenshots shoemhow it does not switch the gateway when the WAN1 is down.

Title: Re: DNS forwarder issue appear to be load balancing after update
Post by: Julien on October 05, 2017, 03:01:34 pm

we have decided to go back to Pfsense for this customer as LOADBALANCING is working out of the box.