I am having issues with DNS resolution. Resolution works fine through the bridge and also on servers on the IPMI network (LAN), but it fails on the firewall itself.
Ping on Firewall Server:
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=111 time=8.62 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=111 time=8.81 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=111 time=8.79 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=111 time=8.78 ms
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3006ms
rtt min/avg/max/mdev = 8.618/8.749/8.812/0.077 ms
Ping using google.com:
ping: Unknown host: google.com
Nslookup for google.com on Firewall:
root@edge:~# nslookup google.com
;; communications error to 8.8.8.8#53: timed out
;; communications error to 8.8.8.8#53: timed out
;; communications error to 8.8.8.8#53: timed out
;; communications error to 8.8.4.4#53: timed out
;; UDP setup with 2001:4860:4860::8888#53(2001:4860:4860::8888) for google.com failed: network unreachable.
Config:
/* VyOS configuration as pasted by the poster; public addresses and the host name are redacted as XX. */
/* NOTE(review): no firewall or nat section appears in this paste, so any filtering of the services below happens elsewhere or not at all. Confirm. */
interfaces {
/* br0 bridges eth0 and eth1 and carries no address of its own in this paste. */
bridge br0 {
description "WAN Bridge"
member {
interface eth0 {
}
interface eth1 {
}
}
}
ethernet eth0 {
hw-id 0c:c4:7a:ba:e4:c4
}
ethernet eth1 {
hw-id 0c:c4:7a:ba:e4:c5
}
/* eth2 holds the only public (redacted) address, so firewall-originated traffic presumably leaves from here. Verify against the routing table. */
ethernet eth2 {
address XX.XX.XX.XX/27
description WAN-Access
hw-id 0c:c4:7a:ba:e4:c6
}
ethernet eth3 {
hw-id 0c:c4:7a:ba:e4:c7
}
ethernet eth4 {
hw-id 0c:c4:7a:ba:e4:c8
}
/* Management LAN: 10.1.0.1 is also the DNS forwarder's listen-address further down. */
ethernet eth5 {
address 10.1.0.1/16
description IPMI
hw-id 0c:c4:7a:ba:e4:c9
}
loopback lo {
}
}
protocols {
static {
/* The default route lists two interface entries (eth0, eth2) plus a next-hop. */
/* NOTE(review): eth0 is an address-less br0 member; a default route via it may be unintended. Confirm which path the firewall's own packets take. */
route 0.0.0.0/0 {
interface eth0 {
}
interface eth2 {
}
next-hop XX.XX.XX.XX {
}
}
}
}
service {
dns {
/* The forwarder listens only on 10.1.0.1 (eth5) but accepts queries from any source via allow-from 0.0.0.0/0. */
/* NOTE(review): narrowing allow-from to the LAN prefix (10.1.0.0/16 here) avoids acting as an open resolver if the listener is ever widened. */
/* NOTE(review): "dhcp eth5" takes upstream servers from a DHCP lease on eth5, yet eth5 has a static address above. Confirm this line is needed. */
forwarding {
allow-from 0.0.0.0/0
dhcp eth5
ignore-hosts-file
listen-address 10.1.0.1
name-server 8.8.4.4 {
}
name-server 8.8.8.8 {
}
system
}
}
ids {
/* DDoS detection fed by sFlow on 127.0.0.1:6343, the same endpoint as the "system sflow" server below. */
/* NOTE(review): alert-script is run by the IDS service; confirm the file exists and is writable only by root. */
ddos-protection {
alert-script /etc/notify_about_attack.sh
direction in
listen-interface eth0
mode sflow
network XX.XX.XX.XX/27
sflow {
listen-address 127.0.0.1
port 6343
}
threshold {
general {
fps 1000
mbps 50
pps 10000
}
}
}
}
ntp {
/* allow-client admits every IPv4 and IPv6 source. */
/* NOTE(review): restrict this to the networks that actually need time service; an NTP server reachable from anywhere can be abused for reflection. */
allow-client {
address 0.0.0.0/0
address ::/0
}
server time1.vyos.net {
}
server time2.vyos.net {
}
server time3.vyos.net {
}
}
/* SSH has only a port set here: no listen-address or other restriction is shown. */
/* NOTE(review): without a firewall section this presumably exposes SSH on the WAN address as well. Confirm. */
ssh {
port 22
}
}
system {
config-management {
commit-revisions 100
}
/* Connection-tracking helper modules enabled for the listed protocols. */
/* NOTE(review): helpers the network does not use can be removed to shrink the parsing surface. */
conntrack {
modules {
ftp
h323
nfs
pptp
sip
sqlnet
tftp
}
}
console {
device ttyS0 {
speed 115200
}
}
domain-search {
domain dartvps.net
}
host-name XX.net
login {
/* Only the default "vyos" account is defined, and both password fields are masked in this paste. */
user vyos {
authentication {
encrypted-password ****************
plaintext-password ****************
}
}
}
/* Resolvers used by the firewall itself; the nslookup output in the post shows these being queried directly. */
/* No interface in this paste has an IPv6 address, which is consistent with the "network unreachable" result for the IPv6 resolver. */
name-server 8.8.8.8
name-server 8.8.4.4
name-server 2001:4860:4860::8888
name-server 2001:4860:4860::8844
/* sFlow samples from eth0 and eth1 are exported to the local collector on 127.0.0.1:6343. */
sflow {
agent-address 127.0.0.1
interface eth0
interface eth1
polling 30
sampling-rate 1024
server 127.0.0.1 {
port 6343
}
}
syslog {
global {
facility all {
level info
}
facility local7 {
level debug
}
}
}
}
Any help is greatly appreciated! (I am going on 2 days of trying to find the cause.)