belgium.be not reachable via opnsense/pfsense?

[YuGuY]

I've already posted this question in the dutch subforum, but it might be better on this one.
Since a DDoS attack on several Belgium government websites last Thursday, it is not possible to reach (for example) the website https://belgium.be
This is only the case for clients behind opnsense and pfsense firewalls on multiple isp's en locations (also multiple fw versions). When I connect directly to the modem (same ip), everything works well.
I suppose this is a result of the actions they took to stop the DDoS attack, but it's very strange also pfsense/opnsense firewalls are affected by these actions.
Thanks in advance,
Guy

[Maurice]

I have no issues accessing this website from a host behind OPNsense. belgium.be resolves to 2a01:690:35:100::f5:79, my ISP is Vodafone Germany.

Cheers
Maurice

[YuGuY]

Thank you for your feedback. That does only make it stranger to me.
Another thing is clients told me the website sometimes works (not when I'm testing), but only for a few minutes.
It makes no sense to me...

[Saarbremer]

Hi,

your OPNsense is blocking IPv6?

belgium.be to me (Germany) is not accessible via IPv4, seems as if packet filtering on their side happens
via IPv6 I get a stable page hit as already mentioned

[YuGuY]

We have no ipv6 configured at the customers. I was also already thinking of packat filtering, but on what base?
Without pfsense/opensense there is no problem.

[Maurice]

I would look at DNS first. Do you get the same A record when resolving this via OPNsense / Unbound vs. the ISP's resolver?

[newsense]

Also, do you have IPv6 configured on the FW at all ? If the site only works in v6 you'll need more than just DNS to get things going.


There's no direct causality or correlation between DDoS and the two firewalls.