I updated from my 1.2.3 based WRAP box to a 2.0-BETA5 (self-updated after install to have latest image from around 4am today) ALIX box earlier this afternoon. I observe the same behavior from a December 13 firmware (I made the CF card way back then).
Almost everything is working. I am having some trouble with the DNS forwarder but only for *some* domains. This did not occur with 1.2.3-RELEASE. 192.168.135.1 is my pfSense LAN address. The WAN is over comcast, which assigns 75.75.75.75 and 75.75.76.76 as the DNS servers. I have selected the "allow DHCP to override the DNS servers" option on the WAN. It feels like it is eating up any 192.168.0.0/16 IP address returned for a hostname. if I look up certain host names, I get back an empty response from the dns forwarder, but other DNS servers work just fine: [lappy]% dig vk-dev.int.kcilink.com ; <<>> DiG 9.6.0-APPLE-P2 <<>> vk-dev.int.kcilink.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7576 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;vk-dev.int.kcilink.com. IN A ;; Query time: 43 msec ;; SERVER: 192.168.135.1#53(192.168.135.1) ;; WHEN: Tue Jan 18 16:35:34 2011 ;; MSG SIZE rcvd: 40 [lappy]% dig vk-dev.int.kcilink.com @75.75.75.75 ; <<>> DiG 9.6.0-APPLE-P2 <<>> vk-dev.int.kcilink.com @75.75.75.75 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4576 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;vk-dev.int.kcilink.com. IN A ;; ANSWER SECTION: vk-dev.int.kcilink.com. 3089 IN A 192.168.7.96 ;; Query time: 18 msec ;; SERVER: 75.75.75.75#53(75.75.75.75) ;; WHEN: Tue Jan 18 16:35:42 2011 ;; MSG SIZE rcvd: 56 Note below how mmfe1-prv.m1e.net fails but mmfe1.m1e.net does not. mmfe1-prv.m1e.net should resolve to 192.168.100.7 [lappy]% dig mmfe1.m1e.net ; <<>> DiG 9.6.0-APPLE-P2 <<>> mmfe1.m1e.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10198 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;mmfe1.m1e.net. IN A ;; ANSWER SECTION: mmfe1.m1e.net. 14299 IN A 206.112.95.7 ;; Query time: 8 msec ;; SERVER: 192.168.135.1#53(192.168.135.1) ;; WHEN: Tue Jan 18 16:38:26 2011 ;; MSG SIZE rcvd: 47 [lappy]% dig mmfe1-prv.m1e.net ; <<>> DiG 9.6.0-APPLE-P2 <<>> mmfe1-prv.m1e.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41805 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;mmfe1-prv.m1e.net. IN A ;; Query time: 40 msec ;; SERVER: 192.168.135.1#53(192.168.135.1) ;; WHEN: Tue Jan 18 16:38:34 2011 ;; MSG SIZE rcvd: 35 Seems the only solution is to disable the dns forwarder and renew the DHCP leases. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
