On 2026-06-18 21:42, Rudolf Leitgeb wrote:
> On Wed, 2026-06-17 at 17:21 -0700, Aric Gregson wrote:
> > On 2026-06-14 00:11, Rudolf Leitgeb wrote:
> > > What is your DNS setup? Which DNS server address is returned by your
> > > DHCP server? Is this DHCP server reachable from your client? Can you
> > > check on your client, which name server is configured?
> >
> > The gateway gets two name servers from the network and I have added
> > three others to the gateway /etc/resolv.conf that I know work.
> > On the client /etc/resolv.conf shows the gateway: 192.168.1.1 and no
> > other name server.
> > I can ping all the name servers in the /etc/resolv.conf on the
> > gateway from both the gateway and the client.
>
> You used these dig calls on your router, but have you also used them
> on your client computer? Is the name server on your router reachable
> from your client? Does it listen on the lan port?

OK, after some back and forth looking into your questions I have figured
out, at least, how to make it work.
I am able to dig openbsd.org on the router.
I was NOT able to dig openbsd.org on the client. Client /etc/resolv.conf
had only 192.168.1.1 as the nameserver. By adding 9.9.9.9 to the client
/etc/resolv.conf, I can dig openbsd.org and load webpages normally.
I thought that the examples in dhcpd pointed to putting the router
address as the nameserver, but this seemed not to work. Only after
adding another nameserver in the /etc/dhcpd.conf (an opendns one) and
restarting both dhcpd on the router and restarting the client computer
does the dig and web browser work.
I now see on the client /etc/resolv.conf that the opendns nameserver has
been added via em0 (i.e., the router).
I do not think that pf had anything to do with this, but I did remove
the $client_out bit and opened up outbound tcp completely.
Thank you very much for pointing me in the right direction to solve
this. I'll see how it goes when I put the router on the entire network.
Thanks, Aric
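
The per-server check that separates the two cases in this thread (the router address is advertised but does not answer, while a second resolver does), as an added example that is not part of the original message. The function names, the `--run` switch and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: probe every resolver a client was handed, one at a time,
# so a dead first entry is not masked by a working later one.

# Constructed sample of a client resolv.conf (not taken from the thread).
sample_resolv_conf() {
    cat <<'EOF'
nameserver 192.168.1.1 # resolvd: em0
nameserver 9.9.9.9
# nameserver 10.0.0.1
lookup file bind
EOF
}

# Print the address of each active "nameserver" line read from stdin.
list_nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }'
}

# Query exactly one server. dig prints ";; ..." diagnostics on a timeout,
# so only non-comment output counts as an answer.
probe_one() {
    dig +short +tries=1 +time=2 "@$1" "$2" A </dev/null 2>/dev/null |
        grep -v '^;' | grep -q .
}

# $1 = resolv.conf path, $2 = name to look up.
probe_all() {
    list_nameservers <"$1" | while read -r ns; do
        if probe_one "$ns" "$2"; then
            echo "$ns: answers"
        else
            echo "$ns: NO ANSWER"
        fi
    done
}

# Run against a real file only when asked to: sh check.sh --run [file] [name]
if [ "${1:-}" = "--run" ]; then
    probe_all "${2:-/etc/resolv.conf}" "${3:-openbsd.org}"
fi
```

A "NO ANSWER" line for the router address alongside an "answers" line for the second resolver means the DHCP-advertised router is not serving DNS to the LAN, which ping alone does not reveal.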