DNS issues - only on opnsense host

Started by Jay10, February 24, 2023, 01:10:50 AM

February 24, 2023, 09:03:26 PM #15 Last Edit: February 24, 2023, 10:34:35 PM by cookiemonster
You might be OK. What happens if you use dig instead of drill?
But remove the entries in the query forwarding section.
If I recall correctly, by having no entries for DNS servers in Unbound, Unbound will send the query to the internet root servers.
So, to recap: for now avoid drill. Use any of the bind/dns-tools i.e. dig, host, nslookup, etc.
For now we're troubleshooting name resolution ON the firewall, so we want to stay local.
The firewall doesn't get forced to go to AdGuard at the moment, so all queries are local, you just need to direct the dig query to either of the running listeners.
Then you can check to update the system again.

February 25, 2023, 01:02:41 AM #16 Last Edit: February 25, 2023, 01:06:11 AM by zan
Quote from: Jay10 on February 24, 2023, 08:24:42 PM
root@OPNsense:~ # sockstat -l | grep 'unbound\|AdGuard'
root     AdGuardHom 61200 13 udp4   10.0.0.1:53           *:*
root     AdGuardHom 61200 14 tcp4   10.0.0.1:53           *:*
root     AdGuardHom 61200 21 tcp4   10.0.0.1:8080         *:*
root     syslog-ng  19509 22 dgram  /var/unbound/var/run/log


I think we found the culprit. Your AGH only listens on the LAN interface.
Edit your /usr/local/AdGuardHome/AdGuardHome.yaml and change the "bind_hosts" under "dns:" to '0.0.0.0'; restarting AGH afterwards should fix this.

Edit: https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#configuration-file


As Cookie suggested, I just removed all upstream DNS & ran
host google.co.uk 127.0.0.1
which didn't work

then tried:
host google.co.uk 10.0.0.1
which was successful!

I was coming back here to report my findings and as soon as I read your message I knew that would be it... Checked and sure enough it was set to only listen on LAN! This was my 2nd or 3rd attempt at removing everything and setting up from scratch...

The previous times I had it listening on all & this issue was still present - must have been a combination of issues.

For anyone that may find this thread from a search, all of my settings are exactly as in this thread.

Thank you both so much for all your help! (and patience).
What a great community!

Hey Jay10,

I have the exact same situation, where DNS is working everywhere else except on the local opnsense host. What have you done to resolve it? You mentioned you are using the same settings but reinstalled multiple times?

Thanks for this thread otherwise I was scratching my head.

April 08, 2023, 07:28:33 PM #19 Last Edit: April 08, 2023, 07:32:03 PM by Heliox
Quote from: netlab on March 26, 2023, 12:58:06 AM
Hey Jay10,

I have the exact same situation, where DNS is working everywhere else except on the local opnsense host. What have you done to resolve it? You mentioned you are using the same settings but reinstalled multiple times?

Thanks for this thread otherwise I was scratching my head.

I faced the same problem. I had to change the bind_host to

dns:
  bind_hosts:
    - 0.0.0.0

in /usr/local/AdGuardHome/AdGuardHome.yaml.

(also tried all other changes suggested here, didn't work)
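
The check that settled this thread, as an added example that is not part of any post: a POSIX shell function that reads `sockstat -l` output and reports whether an IPv4 port-53 listener covers 127.0.0.1 (the address tested with `host google.co.uk 127.0.0.1`) or is bound to the wildcard address. The sample lines are constructed from the output quoted above; the function name and result labels are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): classify IPv4 port-53 listeners
# in `sockstat -l` output. Function name and labels are hypothetical.

# Constructed sample: the listener lines quoted in the thread (LAN-only bind).
SAMPLE_LAN_ONLY='root     AdGuardHom 61200 13 udp4   10.0.0.1:53           *:*
root     AdGuardHom 61200 14 tcp4   10.0.0.1:53           *:*
root     AdGuardHom 61200 21 tcp4   10.0.0.1:8080         *:*
root     syslog-ng  19509 22 dgram  /var/unbound/var/run/log'

# Constructed sample: the same daemon bound to the wildcard address.
SAMPLE_WILDCARD='root     AdGuardHom 61200 13 udp4   *:53                  *:*
root     AdGuardHom 61200 14 tcp4   *:53                  *:*'

# Reads sockstat -l lines on stdin and prints one label:
#   wildcard               - a listener on *:53 (every interface address)
#   explicit-with-loopback - only specific addresses, 127.0.0.0/8 among them
#   loopback-unreachable   - nothing answers on 127.0.0.1:53
classify_dns_listeners() {
    awk '
        $5 ~ /^(udp|tcp)4$/ {
            # Column 6 is the local address; split off the port after the last ":".
            n = split($6, part, ":")
            port = part[n]
            addr = substr($6, 1, length($6) - length(port) - 1)
            if (port != "53") next
            if (addr == "*" || addr == "0.0.0.0") wild = 1
            else if (addr ~ /^127\./) loop = 1
        }
        END {
            if (wild) print "wildcard"
            else if (loop) print "explicit-with-loopback"
            else print "loopback-unreachable"
        }'
}

printf 'thread sample:   %s\n' "$(printf '%s\n' "$SAMPLE_LAN_ONLY" | classify_dns_listeners)"
printf 'wildcard sample: %s\n' "$(printf '%s\n' "$SAMPLE_WILDCARD" | classify_dns_listeners)"
```

On the firewall, run `sockstat -l | classify_dns_listeners` after restarting AGH. A `wildcard` result means the listener accepts queries on every interface address, so listing `127.0.0.1` and the LAN address under `bind_hosts` is an alternative that keeps it off the others.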