Lost DNS and internet connectivity after upgrading to 23.7.4

Started by ddywz, September 24, 2023, 10:54:38 PM

My OPNsense was running fine on 23.1. Once I upgraded to the latest 23.7.4 and the unit rebooted, I lost connectivity and could not get internet connectivity, and internal DNS was lost.

Looking around, I had to disable this rule I had for years on FIREWALL---NAT--PORT FORWARDING. Pic of rule is attached here. If I disable this rule then external connectivity is fine and I can connect to the internet from the LAN interface.

Still no internal DNS,  I can no longer ping by name all static reserved addresses I have created.  All this was ok before the upgrade.  I do not use any dnsmasq or OpenDNS.   I have ticked the option to Register DHCP static mapping in Unbound DNS--General.

Any help how to overcome this?  I was planning to roll back to 23.1 but I know I will hit this again if I wanted to upgrade at some point.







The rule is fine. If DNS doesn't work it means there's an issue with your Unbound configuration, so you'll have to expand on that. Screenshots would be fine.

Also, did you try some other resolver in the past and leave it around?

I have not touched the outbound config.  Always used the automatic as the attachment shows. 

I have not used any other resolver. On my Windows 10 desktop, after I flushdns and do an ipconfig /all, I see external DNS servers on it, which is wrong.

IPv4 Address. . . . . . . . . . . : 192.168.2.112(Preferred)
   Subnet Mask . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . : Sunday, September 24, 2023 6:48:20 AM
   Lease Expires . . . . . . . . . : Sunday, September 24, 2023 7:50:31 PM
   Default Gateway . . . . . . .  192.168.2.1
   DHCP Server . . . . . . . . . .  192.168.2.1
   DNS Servers . . . . . . . . . .  1.1.1.1
                                             1.0.0.1
   NetBIOS over Tcpip. . . . . : Enabled

Not sure why this changed. It was showing DNS as 192.168.2.1 before. All I did was upgrade to 23.7.4.

Attached is the Outbound config.


You might be provisioning those DNS entries through DHCP.

Otherwise check if they're not set manually on your machine.


Lastly, what's the output of this command?

nslookup google.com 192.168.2.1

I managed to get the local DNS working but it is weird, some hosts work and some do not. Something is definitely broken on this release. I gave up, rolled back to 23.1 and upgraded to latest 23.1.11_2 and restored from a backup from last week. All working perfect. Also some plugins are not available in 23.7.4. I had the os-dyndns plugin that is no longer available on this release.

All is working fine for now.

Shot in the dark without more diagnostic info:

Might be related to the "Filter Rule association" part. I checked my entry and it matches yours EXCEPT I don't use any filter rules. Try setting to "none" and re-enable. See if it works?

OPNsense 24.7.7 running on:
Dell Optiplex 3050
Intel I5-7600 @ 3.5Ghz (4 Cores)
Intel I350-T4 Nic
8G DDR4
256G SSD

What I will do is get another same exact Qotom Q575-G6 with 16GB RAM and 200GB storage hardware and deploy that with new 23.7 and can play around until all issues are resolved. That way, if I'm stuck, simply plug back the old device and all is back on-line. It is not just a matter of providing internet access but I have haproxy there for inbound connections, DNS, DHCP, VPN server running OpenVPN so there's a lot to fix if something breaks.

Thanks for the suggestion, will try that once I get my 2nd unit to play with.