Since yesterday evening, DNS resolution on my notebook running Fedora 31 has not been working.
My DNS server is running on my OPNSense firewall at 192.168.2.1.
My DNS zone is called home.
If I put
nameserver 192.168.2.1
search home
in /etc/resolv.conf I can’t resolve any name.
If I try another DNS server like 8.8.8.8 or 1.1.1.1, it works.
On my other machines it works without any problem.
; <<>> DiG 9.11.20-RedHat-9.11.20-1.fc31 <<>> @192.168.2.1 fedoraproject.org
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
Yes, I already tried that.
My PC can’t reach the DNS server.
Well. If using another DNS works, there are at least two cases: either your Fedora box’s firewall blocks outgoing queries to 192.168.2.1, or your OPNSense firewall blocks incoming DNS queries from your Fedora box.
Please pay attention. At least in F32, firewalld switched from iptables to nftables.
I don’t know the situation on F31. I think that it was still using iptables, but I’m unsure.
Please restart the firewall. Does name resolution fail again?
Maybe a transient (runtime) rule was added to the firewall?
For instance, if firewall-cmd is used without the --permanent option, a change will only be part of the runtime configuration. When the firewall is restarted, the rule is lost.
This is confusing, as the rules for incoming DNS traffic are in no way related to the role of the DNS client.
And firewalld should not affect outgoing traffic, which DNS queries fall into.
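
An added example, not part of any post in this thread: one way to check for the transient (runtime-only) rules mentioned above is to compare firewalld's runtime direct rules with the permanent ones. The function names `runtime_only` and `firewalld_direct_drift` and the sample rules are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: list firewalld direct rules that exist only at runtime.

# runtime_only RUNTIME_TEXT PERMANENT_TEXT
# Prints each rule line found in RUNTIME_TEXT but not in PERMANENT_TEXT.
runtime_only() {
    printf '%s\n@@SPLIT@@\n%s\n' "$2" "$1" | awk '
        { sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }    # trim whitespace
        $0 == "@@SPLIT@@" && !sep { sep = 1; next }   # permanent part ends here
        $0 == "" { next }                             # skip blank lines
        !sep { perm[$0] = 1; next }                   # remember permanent rules
        !($0 in perm) && !seen[$0]++ { print }        # runtime-only, once each
    '
}

# Live check on a host running firewalld (usually needs root).
# Not called here, so the script also runs where firewalld is absent.
firewalld_direct_drift() {
    runtime_only "$(firewall-cmd --direct --get-all-rules)" \
                 "$(firewall-cmd --permanent --direct --get-all-rules)"
}

# Constructed sample data in the format printed by --get-all-rules.
SAMPLE_RUNTIME='ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT
ipv4 filter OUTPUT 0 -d 192.168.2.1 -p udp --dport 53 -j DROP'
SAMPLE_PERMANENT='ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT'

echo "Direct rules present only in the runtime configuration:"
runtime_only "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"
```

Any line printed by `firewalld_direct_drift` on a real host is a rule that disappears when firewalld is restarted or reloaded.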