  1. #1
    Newbie
    Join Date: May 2018
    Posts: 5

    Domain DNS Servers causing 2Mbps Internal traffic

    I have a public domain name with a subzone internal domain name (e.g. .home.mydomain.com) that I use for my personal learning lab (devops engineer stuff). I need DNS queries for that subzone sent to a DNS server capable of resolving hostnames at home.mydomain.com, e.g. git.home.mydomain.com. Just so you know some of the components, the DNS server is a pfSense VM. Side topic, I wish Untangle could do simple host name entries...

    Under Config > Network > DNS Server I added a Domain DNS Server for home.mydomain.com to forward to another IP address. This works great actually. However, when this one entry exists, my Untangle firewall has ~2.1 Mbps of consistent Internal traffic listed on the dashboard. If I remove it, that usage drops back to normal.

    Anyone seen this issue?

    I'll do a packet capture to my laptop to see if it's really specifically 2 Mbps of DNS traffic... seems steep to me unless I have some device doing 1000s of DNS queries a second.

  2. #2
    Untangle Ninja sky-knight
    Join Date: Apr 2008
    Location: Phoenix, AZ
    Posts: 26,236

    I'm confused...

    You wish Untangle could do simple host name entries, but then use the advanced version of that very thing?

    You are aware that you can put A records on the left side of that screen right?

    As for the traffic, DNSMasq is only going to do what you asked it to. I've never seen that much DNS traffic, but I've seen plenty of other things cause that, like RDP.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Newbie
    Join Date: May 2018
    Posts: 5

    I see your point. I guess when I first configured it I put in two OpenDNS entries, for some reason thinking that was where I defined DNS servers. At a quick glance I didn't rethink my previous logic, so I ignored that section. I'll put the static A records in there instead of forwarding to pfSense.

    Thanks for the help

    Last edited by moseygilbert; 11-16-2021 at 09:44 AM.

  4. #4
    Untangle Ninja sky-knight
    Join Date: Apr 2008
    Location: Phoenix, AZ
    Posts: 26,236

    Question, is the other DNS server using Untangle for lookups? Because pfSense also uses DNSMasq if I recall correctly.

    As such, if it doesn't have an answer for something, it'll ask the upstream (Untangle), which is then configured to send that entire domain to the downstream (pfSense), which asks the upstream and...

    Around and around and around we go... where we stop only internal limits designed to stop us in our inanity know!

    Use of the A records on Untangle obviously breaks the loop, which is good but doesn't necessarily solve the problem. Beware!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Newbie
    Join Date: May 2018
    Posts: 5

    That would make sense as to why there is 2 Mbps of fairly consistent usage: a DNS lookup loop. I do believe that pfSense is set to send queries to the default router on my home network, which 2 weeks ago was an ASUS GT5300 with no unique DNS abilities outside of a typical home router. I recently deployed Untangle with the same IP (x.x.x.1) as the previous GT5300.

    All that said, my intent is to decomm pfSense, for a few reasons, one being that my home network is nearing the complexity of a small company. But first I need to get another dual NIC in my Untangle host to support the additional VLANs I use for segregating personal gaming servers that are exposed externally.
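As an added example (not code from this thread, from Untangle or from pfSense), here is a small Python check for the forwarding loop sky-knight describes in #4, the kind of thing to run over the packet capture mentioned in #1: it parses tcpdump-style DNS query lines and flags a name that two resolvers keep asking each other for. The IP addresses, the sample lines and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed tcpdump-style DNS query lines (assumed, not from the thread's capture).
# 192.168.1.1 stands in for the Untangle box, 192.168.1.2 for the pfSense VM,
# 192.168.1.50 for a LAN client and 208.67.222.222 for a public upstream resolver.
SAMPLE_CAPTURE = """\
12:00:00.000100 IP 192.168.1.1.41234 > 192.168.1.2.53: 1001+ A? git.home.mydomain.com. (39)
12:00:00.000300 IP 192.168.1.2.52001 > 192.168.1.1.53: 2001+ A? git.home.mydomain.com. (39)
12:00:00.000500 IP 192.168.1.1.41235 > 192.168.1.2.53: 1002+ A? git.home.mydomain.com. (39)
12:00:00.000700 IP 192.168.1.2.52002 > 192.168.1.1.53: 2002+ A? git.home.mydomain.com. (39)
12:00:00.000900 IP 192.168.1.1.41236 > 192.168.1.2.53: 1003+ A? git.home.mydomain.com. (39)
12:00:00.001100 IP 192.168.1.2.52003 > 192.168.1.1.53: 2003+ A? git.home.mydomain.com. (39)
12:00:00.500000 IP 192.168.1.50.55000 > 192.168.1.1.53: 3001+ A? www.example.com. (33)
12:00:00.520000 IP 192.168.1.1.41300 > 208.67.222.222.53: 1100+ A? www.example.com. (33)
"""

# Matches only queries (the "+" after the ID) sent to port 53; responses are skipped.
LINE_RE = re.compile(
    r"^(\d+):(\d+):(\d+\.\d+) IP (\d+\.\d+\.\d+\.\d+)\.\d+ > (\d+\.\d+\.\d+\.\d+)\.53: "
    r"\d+\+ \w+\? (\S+) "
)

def parse_queries(text):
    """Return (seconds, src_ip, dst_ip, qname) for every query line in the capture."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            h, mi, s, src, dst, qname = m.groups()
            out.append((int(h) * 3600 + int(mi) * 60 + float(s), src, dst, qname.rstrip(".")))
    return out

def find_forwarding_loops(queries, min_each_way=2, max_span=1.0):
    """Flag a name that two hosts keep asking each other for: the same qname sent
    A->B and B->A at least min_each_way times each, all within max_span seconds.
    Returns [(qname, host_a, host_b, total_queries), ...]."""
    seen = defaultdict(lambda: defaultdict(list))  # (qname, pair) -> direction -> times
    for t, src, dst, qname in queries:
        seen[(qname, tuple(sorted((src, dst))))][(src, dst)].append(t)
    findings = []
    for (qname, pair), directions in seen.items():
        if len(directions) < 2 or any(len(ts) < min_each_way for ts in directions.values()):
            continue
        times = [t for ts in directions.values() for t in ts]
        if max(times) - min(times) <= max_span:
            findings.append((qname, pair[0], pair[1], len(times)))
    return findings
```

A normal client query that Untangle forwards upstream appears in one direction only and is not flagged; only the name bouncing back and forth between the two resolvers is.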
