I think I got things worked out now. Ended up with:
piHole using Google for DNS (8.8.8.8, 8.8.4.4) and the pfSense box so
local DHCP systems will resolve.
pfSense is set to use just the piHole for DNS.
I did see the piHole having an IPv6 address set even though I have no
way to use it other than locally so I disabled that. IPv4 only now. Not
quite sure if that could have been mucking things up or not.
The website I was having problems with now loads but after the page is
displayed it's trying to load other content and so far I haven't quite
figured out what. The website is a mess of CDN network content so this
may take a while to dig into.
On 02/19/2017 08:05 AM, Moshe Katz wrote:
Steve,
The easiest next step to troubleshoot is to manually set the iPad's
DNS to point to the pfSense. If that works, then you know the problem
is in the PiHole. If that doesn't work, try setting the iPad to use
Google Public DNS (8.8.8.8 and 8.8.4.4). If that works, then the
problem is the pfSense. If that doesn't work, then the problem is the
iPad itself.
To change the iPad's DNS server, you can follow these instructions:
http://www.macinstruct.com/node/452
The next troubleshooting step would be to do a packet capture of
whichever leg of the query (iPad -> PiHole, PiHole -> pfSense, or
pfSense -> Internet) seems to be the problem. Set a filter on the
packet capture to capture only DNS traffic (port 53). Then you can see
if the request is malformed, if no response ever comes back, or if the
response is malformed.
Moshe
--
Moshe Katz
-- [email protected]
-- +1(301)867-3732
On Sat, Feb 18, 2017 at 3:35 PM, Steve Berg <[email protected]> wrote:
Having an odd issue with DNS not resolving for one hostname from
one client.
I've got this setup:
cable modem -> pfSense (2.3.2-RELEASE-p1) -> internal network
Inside the network I have a piHole running on an RPi3 and all
systems get a statically mapped DHCP address (from pfSense) and
the piHole is set to be DNS. piHole uses pfSense as its upstream
DNS so all internal hostnames resolve locally from
piHole/pfSense, outside hostnames come from dnsmasq on piHole or
pfSense.
On my iPad when connected to the WiFi I cannot resolve the IP for
our local newspaper's website, all other hostnames seem to resolve
just fine. That newspaper site resolves for other clients on the
internal network with no problem including an iPhone on the WiFi.
As soon as I turn the iPad's WiFi off and connect via Verizon LTE
it sees the newspaper site just fine.
Only the one wireless device is showing this problem so far.
Nothing on the wired network, and not the other three wireless
devices.
I've turned on DNS forwarder on pfSense and DNS resolver, but I
really don't think it's either of those because I'm not seeing the
problem on anything but the one iPad.
I'm fairly new to pfSense but not to general networking so this
one has me stumped at the moment. I have looked into using
pfBlockerNG instead of pihole but I'd rather figure this problem
out first. If anyone has suggestions on what might be wrong and
how to fix I'd appreciate it.
--
//- Fixer of that which is broke -//
//- Home = [email protected] -//
//- Sinners can repent, but stupid is forever. -//
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
--
//- Fixer of that which is broke -//
//- Home = [email protected] -//
//- Sinners can repent, but stupid is forever. -//
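
The capture check suggested in the thread (malformed request, no response, or malformed response on a given leg), as an added example that is not part of the original messages: a Python sketch that classifies one query/response pair taken from a port-53 capture. The hostname `news.example`, the address `192.0.2.10`, the function names and the per-leg outcomes in the demo are constructed assumptions, and the question-echo check assumes queries that carry no additional records.

```python
import struct

RCODES = {1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid):
    """Encode a recursive A/IN query in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def sample_response(query, rcode=0, addr=None):
    """Constructed test data: reply to `query` with one A record, or with none."""
    qid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", qid, 0x8180 | rcode, 1, 1 if addr else 0, 0, 0)
    answer = b""
    if addr:  # name pointer to offset 12, TYPE A, CLASS IN, TTL 60, 4-byte RDATA
        answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(map(int, addr.split(".")))
    return header + query[12:] + answer

def classify_leg(query, response):
    """Classify one query/response pair taken from a port-53 capture."""
    if len(query) < 12:
        return "malformed request"
    qid, qflags, qdcount = struct.unpack("!HHH", query[:6])
    if qflags & 0x8000 or qdcount != 1:  # QR set on a request, or no single question
        return "malformed request"
    if response is None:
        return "no response"
    if len(response) < 12:
        return "malformed response"
    rid, rflags, _, ancount = struct.unpack("!HHHH", response[:8])
    if not rflags & 0x8000 or rid != qid:  # not a response, or ID mismatch
        return "malformed response"
    if response[12:len(query)] != query[12:]:  # question section not echoed back
        return "malformed response"
    rcode = rflags & 0x000F
    if rcode:
        return "error " + RCODES.get(rcode, str(rcode))
    return "answered" if ancount else "empty answer"

if __name__ == "__main__":
    q = build_query("news.example", 0x1234)
    # Constructed outcomes for illustration, not results from the thread.
    legs = {"iPad -> PiHole": sample_response(q, rcode=3),
            "PiHole -> pfSense": sample_response(q, addr="192.0.2.10"),
            "pfSense -> Internet": None}
    for leg, resp in legs.items():
        print(leg, "=>", classify_leg(q, resp))
```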