DNS failure http, https is doing fine

[us2871]

Hi,
thx for having OPNSense and this forum.
I am a bloody beginner with this stuff following stock FritzBox.
After using 17.7 I did a HW upgrade, and so also upgraded to 18.1.2
Following a new  install I imported all settings from 17.7 and i thought i´ll work fine.

But:
DNS is not working on client computers when using http, they are redirectet to my own local hosted WebServer
Https adresses open up fine

NSLookup has one unique result, my WAN IP-adress

Ping on client  is working fine
Ping, DNS-Resolving on OPNsense are doing fine:

PING spiegel.de (128.65.210.: 56 data bytes
64 bytes from 128.65.210.8: icmp_seq=0 ttl=60 time=16.887 ms
64 bytes from 128.65.210.8: icmp_seq=1 ttl=60 time=16.762 ms
64 bytes from 128.65.210.8: icmp_seq=2 ttl=60 time=16.862 ms

--- spiegel.de ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 16.762/16.837/16.887/0.054 ms

DNS-Hostname oder IP auflösen
Hostname oder IP   
spiegel.de
Rückmeldung   
Typ   Adresse
A   128.65.210.8
Auflösungszeit pro Server   
Server   Abfragezeit
127.0.0.1   0 msec
217.237.148.102   13 msec
217.237.151.115   16 msec
172.104.136.243   19 msec
144.76.34.109   34 msec
144.76.133.38   32 msec
8.8.8.8   30 msec
8.8.4.4   16 msec

if i change in System/Settings/General and foll around i.e. toggle settings, in the Process of updating i get a glimps of a very short period with a working DNS resolving. This is slightly reproducible (75%)

I´tired now, cant find the checkbox i´ve chosen wrong nor find an answer in former posts.

Does anybody have similar problems? Does anybody know where to fix it? I´m desparate...and i need some sleep...
Thx in advance, i apologize for this little professional way to describe my problem
Ulf

[thowe]

Hi Ulf

To be honest - I don't know exactly what is going on here.

But I have some points that I am thinking about, when I am analyzing your screenshot:

• Are you using Services/Unbound DNS or Services/Dnsmasq DNS? How is it configured?
• I suppose your DNS service on OPNsense is not working correctly (I know a very general fact....  )
• Maybe if you change a specific property in OPNsense settings, one or more services might be restarted and as an effect the Windows dns client times out on the server OPNsense and retries with one of the other (remote) dns servers, which during config/restart work correctly. But as soon as all services on your firewall are up again, the DNS answers coming again from firewall seem to be wrong.
• If you are using Unbound DNS - try to disable General/Enable DNSSEC Support for a test.

Sorry - that is all I can help at the moment. Maybe somebody else will know what is going wrong from the beginning?

Thomas

[fabian]

I don't think this is an OPNsense behaviour. Are you using a provider DNS?

[us2871]

Thx for your answers...
@thowe: fabian was right, not an OPNSense behavior...
@fabian:
no not a provider DNS
in my setting i had several Windows 2012R2 Servers running (VM under HyperV)
one of them had an DNS server in an own subnet (privat IP 10.x.x.x)
my "productive" subnet was a 192.168.x.x
Although  i shut the PDC with the DNS-Server this Behavior of nslookup persisted
After shutting down the HyperV, restarting OPNsens and Clients DNS-Resolving is doing as it should

so much to learn....

[tlachmann]

Observing identical behavior that some domain names results in ERR_CONNECTION_REFUSED.

But only some...

I may turn mad, cause tried all combinations, even if all other local DNS are disabled.

curious is, that if you are doing a lookup under "Interfaces>Diagnostics>DNS Lookup" you will have a correct result, if I do this via any client, I will get the always the IP 89.31.143.1.

Clients are Windows, MAC highSierra, Linux...
First observation of that behavior happens after Updated to 18.1.2

[brononius]

I've got a simular issue.
opnsense ran for months without any issue.
When I updated tot 18.2, my DNS went nuts.

I can nicely ping from the LAN towards for example hln.be.
But when I surf to hln.be, I'm getting redirected to an internal webserver page.

A very strange thing, www.google.com is working fine. I can search whatever i want, but once I click a result, I'm getting redirect again to my internal webserver.