17.1 Legacy Series / Local DNS server failure
« on: December 10, 2016, 08:02:54 am »
When attempting to use a DNS server on my LAN as the primary DNS server the whole network loses connection. A reboot does not fix the issue.
However, if the DNS server is set on the client, then the network works fine. Not sure where I should start looking?
I already have DNS rebind set to off.
I have seen this in the error logs. This is the IP of my DNS server.
Code:
opnsense: /system_general.php: The command '/sbin/route delete -host 10.0.0.19' returned exit code '1', the output was 'route: route has not been found delete host 10.0.0.19 fib 0: not in table'
Basically, I have an ad network filter based off of DNS.
On the remote DNS server (which is on my LAN):
I have the IP statically set.
I have the default gateway set to the IP of the router.
I have the DNS server IP set to Google & Level3 Communications.
If I set the DNS server under Settings>General in OPNsense, I lose ALL network connectivity.
However, if I manually take a PC and set it to use the DNS server, everything works correctly and ads are filtered.
I wanted the router to simply use this local DNS server because it's a pain to set DNS on all members of the network. I initially thought this might be a drop because of a detected DNS rebind attack; however, I ran my own DNS server previously and that was still disabled.
I don't really know where to begin debugging this.
OPNsense 17.1.a_878-amd64
FreeBSD 11.0-RELEASE-p2
OpenSSL 1.0.2j 26 Sep 2016