I have a problem with DNS Resolver whenever I activate it, the internet connection stops working a DNS problem I didn’t do anything special just enabled it, I set Network Interfaces to ALL and set Outgoing Network Interfaces to ALL or the WAN interfaces, System Domain Local Zone Type set to transparent, DNSSEC enabled, DNS Query Forwarding enabled but isn’t working even though DNS Server Settings are configured and work fine when DNS Resolver is disabled also enabled DHCP Registration and Static DHCP.
I have one Lan and 3 Wan connections configured in a Gateway Group.
are there any prerequisites I need to configure or is there any mistake in my configuration.
It looks like you have the same configuration as me, except for enabling forwarding mode. Do you have a specific reason to use forwarding rather than resolving? AFAIK, forwarding doesn’t maintain a cache so is less performant than resolving.
Some behaviour tests to consider:
You should be able to connect to the DNS Resolver and resolve a FQDN* using nslookup (nslookup > server IP > FQDN) at your client without error e.g. timeout.
You should be able to change your DNS Server settings in DHCP, then check DNS setting at your client with ipconfig (ipconfig /all > CHANGE DNS > ipconfig /renew > ipconfig /all).
You should be able to resolve a FQDN at your client (e.g. nslookup) then check the DNS Resolver status to see it listed.
I have attached my DNS Resolver settings below for comparison. Note: all Advanced settings are defaults.
*Note: Windows nslookup only considers it a FQDN if it has a trailing dot e.g. microsoft.com <> FQDN microsoft.com. = FQDN
If you do not include the trailing dot, nslookup by default will append your local domain (and potentially any connection-specific sub-domain) to the query.
thanks for the help and sorry for the late reply, I couldn’t find a good time to test it until now,
at first, I configured it exactly like the configuration you shared it didn’t work same problems of DNS not resolving some websites work others don’t.
from what I remember it’s not necessary to configure DNS servers in the DHCP server but that was the missing part for me and the only way for it to work.
to confirm I went back and removed the DNS servers entries in the DHCP server just left it empty, and it still works I have no idea why it didn’t work before and how come it’s working now.
is it possible for something on the network to be interfering with DNS resolver, yesterday when only a few of the users were present it worked fine but today with most users present it went back to its old behavior.
edit:
I activated it again to check if it works if I applied it just on a VLAN with one PC that I know works fine and doesn’t cause any problems, but I miss configured it and got applied on both the LAN and VLAN, but it works at least for now, I hate this inconsistency it makes knowing the actual cause of the problem extremely hard.
No, the VLAN is a later addition.
I was having a problem with DNS resolver since the first time I installed PfSense and tried to configure it.
the IP I’m using for the DNS resolver is the default one I didn’t change anything about it.
it’s working for now but still have no idea what was stopping it from working before!
