KVM pfSense Issue
-
@scottalanmiller said in pfSense - Fresh Install - No DNS:
If you are only going to forward, there isn't too much need to look to pfSense at all. Just have clients resolved from Google directly. If you are going to have the pfSense box be the DNS server, it needs its own forwarders to be set up.
But then I can't resolve local resources, right?
-
@aaronstuder said in pfSense - Fresh Install - No DNS:
@scottalanmiller said in pfSense - Fresh Install - No DNS:
If you are only going to forward, there isn't too much need to look to pfSense at all. Just have clients resolved from Google directly. If you are going to have the pfSense box be the DNS server, it needs its own forwarders to be set up.
But then I can't resolve local resources, right?
Correct. That's why I said if you are ONLY going to forward.
-
@aaronstuder said in pfSense - Fresh Install - No DNS:
fine. I am able to resolve names on the pfSence box itself. What am I missing?
This is like SOnicwalls, you either have a DNS server internally or have all the DNS go to external DNS providers.
-
Post a Screenshot of your DNS Resolver settings and let's see if anything is amiss.
-
@aaronstuder
https://ip-address/services_unbound.php
Under General DNS Resolver Options:
Enable DHCP Registration
"If this option is set, then machines that specify their hostname when requesting a DHCP lease will be registered in the DNS Resolver, so that their name can be resolved. The domain in System > General Setup should also be set to the proper value."Enable Static DHCP
"If this option is set, then DHCP static mappings will be registered in the DNS Resolver, so that their name can be resolved. The domain in System > General Setup should also be set to the proper value." -
OK. Back to this again.....
Just did another fresh install, same issue...
I can ping everything perfectly from a client... other servers, Gateway, 8.8.8.8, but still no DNS....
-
@aaronstuder Can pfSense ping google.com?
-
@black3dynamite Yes, it can.... hmmmmm....
-
@aaronstuder Double check your DHCP and DNS Resolver settings.
-
@aaronstuder said in pfSense - Fresh Install - No DNS:
@black3dynamite Yes, it can.... hmmmmm....
So DNS works?
-
@black3dynamite everything still set to defaults... Everything seems ok...
-
Found the solution:
Disable Hardware Checksum Offloading
With the current state of VirtIO network drivers in FreeBSD, it is necessary to check the Disable hardware checksum offload box under System > Advanced on the Networking tab and to manually reboot pfSense after saving the setting, even though there is no prompt instructing to do so to be able to reach systems (at least other VM guests, possibly others) protected by pfSense directly from the VM host.Links:
https://pve.proxmox.com/wiki/PfSense_Guest_Notes
https://doc.pfsense.org/index.php/VirtIO_Driver_Support -
Factory Reset, Setup, Disable Hardware Checksum Offloading, Works Prefect.
