Show Posts
1
24.1 Legacy Series / DNS cuts out every few minutes - No errors except the browser not connecting
« on: April 10, 2024, 12:44:24 pm »
I have been using OPNsense for a week now. On hardware Optiplex 3020, i3-4160 CPU, 8GB Ram. Intel 4 port nic.
Every few minutes, I will visit a website and get this error:
Hmm. We're having trouble finding that site.
We can't connect to the server <website>
If you entered the right address, you can: etc...
I have read hundreds of DNS related issues on the forum and reddit but cannot find a solution.
I have reset the opnsense and started again, but same issue. The issues happen on the WAN and LAN for Unbound override domains.
Here are my settings:
System > Settings > General
- TICKED Allow DNS server list to be overridden by DHCP/PPP on WAN
But i have also tried this unticked. Same issue.
- dns servers are all blank.
Interfaces:<n>
- static ipv4
- IPv6 - none
Also tried this with dhcpv6. same issue.
- Speed and duplex DEFAULT
Services: Unbound DNS: General
- Register ISC DHCP4 Leases
- Register ISC DHCP Static Mappings
- Flush DNS Cache during reload
The issue continue when these were off too.
Services: Unbound DNS: Blocklist
NOT ACTIVE
Services: Unbound DNS: Advanced
- log queries - TICKED
Services: Unbound DNS: DNS over TLS
NONE
Firewall: Rules: MainLAN
Rule 1 - Allow access to other LAN
Rule 2 - Allow internet
Firewall: Rules: OtherLAN
Rule 1 - Allow access to MainLAN
Rule 2 - Allow internet
Firewall: Rules: WAN
NONE
Firewall: NAT: Port Forward
Redirect traffic through dns - IP: 127.0.0.1 Port:53 Interface: lan1, lan2, wan
I would like to emphasis that I have even tried restarted from scratch. Same issue. It works fine, but every few minutes a WAN website cannot be reached.
Other things I have tried
I tried:
- turning off ipv6
- Allowing WAN dhcp to set the dns in System: Settings: General
- restarting from scratch
- updating to the latest version of opnsense (i did this today, I am using OPNsense 24.1.5_3-amd64, FreeBSD 13.2-RELEASE-p11, OpenSSL 3.0.13)
Has anyone experienced and fixed this?? I really don't know what to do and I do NOT want to go back to my TPlink!
(even as I first typed this, and pressed post, I saw the error page. Very frustrating)
Every few minutes, I will visit a website and get this error:
Hmm. We're having trouble finding that site.
We can't connect to the server <website>
If you entered the right address, you can: etc...
I have read hundreds of DNS related issues on the forum and reddit but cannot find a solution.
I have reset the opnsense and started again, but same issue. The issues happen on the WAN and LAN for Unbound override domains.
Here are my settings:
System > Settings > General
- TICKED Allow DNS server list to be overridden by DHCP/PPP on WAN
But i have also tried this unticked. Same issue.
- dns servers are all blank.
Interfaces:<n>
- static ipv4
- IPv6 - none
Also tried this with dhcpv6. same issue.
- Speed and duplex DEFAULT
Services: Unbound DNS: General
- Register ISC DHCP4 Leases
- Register ISC DHCP Static Mappings
- Flush DNS Cache during reload
The issue continue when these were off too.
Services: Unbound DNS: Blocklist
NOT ACTIVE
Services: Unbound DNS: Advanced
- log queries - TICKED
Services: Unbound DNS: DNS over TLS
NONE
Firewall: Rules: MainLAN
Rule 1 - Allow access to other LAN
Rule 2 - Allow internet
Firewall: Rules: OtherLAN
Rule 1 - Allow access to MainLAN
Rule 2 - Allow internet
Firewall: Rules: WAN
NONE
Firewall: NAT: Port Forward
Redirect traffic through dns - IP: 127.0.0.1 Port:53 Interface: lan1, lan2, wan
I would like to emphasis that I have even tried restarted from scratch. Same issue. It works fine, but every few minutes a WAN website cannot be reached.
Other things I have tried
I tried:
- turning off ipv6
- Allowing WAN dhcp to set the dns in System: Settings: General
- restarting from scratch
- updating to the latest version of opnsense (i did this today, I am using OPNsense 24.1.5_3-amd64, FreeBSD 13.2-RELEASE-p11, OpenSSL 3.0.13)
Has anyone experienced and fixed this?? I really don't know what to do and I do NOT want to go back to my TPlink!
(even as I first typed this, and pressed post, I saw the error page. Very frustrating)