hi, I can confirm similar dns-forwarder outages on other non PPtP setups
I have CARP setups, where dns forwarder work not propperly. most of them use OpenVPN also so may a general issie with the dns forwarder ? also a "overwrite" of a zone = zone forwarder will not work in v2.0.2 br stephan 2013/3/21 Michael Schuh <[email protected]> > Can this be sourced by a routing change through the connection time? > affected are pptp and ipsec so i guess it as potential source of this. > if the udp packets do not arrive in the right order, what happens to those > VPN-Types? > > > 2013/3/20 Michael Schuh <[email protected]> > >> http://redmine.pfsense.org/issues/2150 <<< this on amd64 here too. >> No idea why it does not work after the upgrade. >> >> >> 2013/3/20 Michael Schuh <[email protected]> >> >>> Hi @all, >>> >>> i have a little problem after upgrading a 1.2.2 version system to 2.0.2. >>> everything worked fine, beside a fine tuning of the ipsec tunnels and >>> the pptp connections. >>> after changing the configuration of the pptp-config after the >>> PPTP-VPN-Howto >>> on the docs site, the problem is still persistent. >>> >>> i searched all the docs and the net, but didn't found a answer. >>> >>> pptp clients can connect, ping and open tcp-connections like ssh. >>> the only flaw is, that i do not get any respond from the dnsmasq. >>> >>> traffic is allowed from all pptp-clients to everywhere. >>> i can see the allowed requests as pass in the logs. >>> >>> ping to gateways LAN address works fine >>> ssh to the LAN-address and accessing the console too. >>> >>> dig some-name.mydomain.org @[LAN-address of the pfSense] >>> does not get any answer. >>> doing that in console and/or php-execute works fine. >>> >>> sockstat -4l displays me that the dnsmasq is listening at *.*:53 >>> netstat -nr -f inet shows me all routes correct. >>> >>> Scrubbing is on and if we disable it, our entire network works not >>> as expected. Specially TCP-Connections with big packets >>> through a IPSEC VPN-Tunnel. >>> >>> Scrubbing would be one possible source that i could see here, but >>> the fact that TCP-Connections and icmp works fine, let me assume that >>> scrubbing does not interferes. >>> >>> i would apreciate it if somebody has an idea what can be wrong there >>> or if i missed a filed bug. >>> >>> many thanks in advance >>> >>> regards >>> >>> michael >>> -- >>> = = = http://michael-schuh.net/ = = = >>> Projektmanagement - IT-Consulting - Professional Services IT >>> Michael Schuh >>> Postfach 10 21 52 >>> 66021 Saarbrücken >>> phone: 0681/8319664 >>> @: m i c h a e l . s c h u h @ g m a i l . c o m >>> >>> = = = Ust-ID: DE251072318 = = = >>> >> >> >> >> -- >> = = = http://michael-schuh.net/ = = = >> Projektmanagement - IT-Consulting - Professional Services IT >> Michael Schuh >> Postfach 10 21 52 >> 66021 Saarbrücken >> phone: 0681/8319664 >> @: m i c h a e l . s c h u h @ g m a i l . c o m >> >> = = = Ust-ID: DE251072318 = = = >> > > > > -- > = = = http://michael-schuh.net/ = = = > Projektmanagement - IT-Consulting - Professional Services IT > Michael Schuh > Postfach 10 21 52 > 66021 Saarbrücken > phone: 0681/8319664 > @: m i c h a e l . s c h u h @ g m a i l . c o m > > = = = Ust-ID: DE251072318 = = = > > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list > > -- Stephan Wolf WolfSec Rairing 65 CH-8108 Dällikon +41 43 536 1191 +41 76 566 8222 http://www.wolfsec.ch
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
