DNS forwarder issue appear to be load balancing after update

Started by Julien, October 02, 2017, 12:44:41 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 02, 2017, 12:44:41 PM Last Edit: October 02, 2017, 02:21:31 PM by Julien
Hi guys
after updating the opnsense laste day I can't seem to browse to the internet.
I can ping 8.8.8.8 but not www.google.com

when I nslookup domains its does resolve with the ip.
is this a firewall issue?

Can someone please point me to the right directions ?

Thank you so much
DEC4240 – OPNsense Owner
October 02, 2017, 01:31:04 PM #1
First thing, check if it's a matter of DNSSEC in Unbound DNS:

1. Disable "Harden DNSSEC data", then check DNS resolving.

(and if not)
2. Disable DNSSEC completely, then check again DNS resolving.

Let us know it it worked. :)
October 02, 2017, 01:38:24 PM #2
Quote from: hutiucip on October 02, 2017, 01:31:04 PM
First thing, check if it's a matter of DNSSEC in Unbound DNS:

1. Disable "Harden DNSSEC data", then check DNS resolving.

(and if not)
2. Disable DNSSEC completely, then check again DNS resolving.

Let us know it it worked. :)

Thank you for your quick answers.
where can I find those info ? on the LAN ? Services?
thank you
DEC4240 – OPNsense Owner
October 02, 2017, 01:45:53 PM #3
Quote from: Julien on October 02, 2017, 01:38:24 PM
where can I find those info ? on the LAN ? Services?
thank you

Harden DNSSEC data: Services -> Unbound DNS -> Advanced

Enable DNSSEC Support: Services -> Unbound DNS -> General

QuoteThank you for your quick answers.

It was only a coincidence, I just logged in for the first time this week, and clicked "Show unread posts since last visit." You're welcome! :)
October 02, 2017, 02:21:16 PM #4 Last Edit: October 02, 2017, 06:34:50 PM by Julien
Thank you for your answer,
the issue appear to be a loadbalancing issue.
we have a load balancing the idea is tier 1 is the main connection and when tier 1 is down tier 2 takes over.
today was tier 2 down and the all the connections was down.
this configuration has been configure 2 years ago and its been working fine until last dat we updated the firewall

Do we have to applied the DNS rules on each VLAN interface? or on the LAN is enough? on the below configuration steps 5
https://docs.opnsense.org/manual/how-tos/multiwan.html

DEC4240 – OPNsense Owner
October 03, 2017, 11:30:45 AM #5 Last Edit: October 03, 2017, 11:55:26 AM by Julien
any suggestions guys here?

below screenshots is the rules of the LAN for the LOADbalancing.
we have created those rules on the LAN.
VLANS 10/2/3/4/5/6 are member of the LAN physical NIC,do we have to create this on each VLANS interface ?
the Loadbalancing is working but when we remove the secondary WAN the internet remain working, but when we remove the WAN1 internet goes down. I remember having this issue 2 years ago and Josschilve has helped.

please see below screenshots shoemhow it does not switch the gateway when the WAN1 is down.
DEC4240 – OPNsense Owner
October 05, 2017, 03:01:34 PM #6

we have decided to go back to Pfsense for this customer as LOADBALANCING is working out of the box.
DEC4240 – OPNsense Owner
Print
Go Up Pages1
User actions