Version 4.10.0-238 has been published to Rapid Release on pfSense, VyOS and ASUS.
This is a release with important improvements to the prior scheduled release (4.10)
- Improved dual-stack IPv4/IPv6 functionality (isblocked now always queries A as well as
- Improved retries for failed hole creations
- Improved Reflex connections with improved monitoring
- Added retry for failed enabler creations
- A firewall rule to reject TCP 443 to This Firewall is no longer required
- When deleting prior rule, a firewall rule to allow TCP 443 to This Firewall is now required in its place, if Secure DNS (DoH) is enabled
- When dashboard DTTS feature is turned on or off, firewall rule changes are no longer required, provided the default tag of adamone_pass rule remains in place as the second last rule
This Rapid Release: Rollout begins 19 November 2023
Scheduled Release: 3 December 2023
Use Rapid Release if you’re adventurous or directed by our support team.
Installation steps are at https://adamnet.io/rrhowto
– Adam Networks team
Interesting behavior on this Rapid Release.
After updating, I can no longer access the pfSense box by its domain name.
I have two boxes in HA setup e.g. primary.gateway.lan and secondary.gateway.lan
After the update, when primary.gateway.lan is running as MASTER, access to the domain name primary.gateway.lan is not successful, secondary.gateway.lan is still accessible.
When the backup secondary.gateway.lan setup becomes MASTER, secondary.gateway.lan becomes inaccessible.
I already tried re-running adamone-setup configure with the same results.
I even set authoritative rules, but with no effect either.
What is probably not working is the CARP VIP, as it no longer resolves the pfSense box when it is active and running as MASTER.
In the logs it will say:
System - Hosts | IP version mismatch
A temporary work-around is to enable DNS Resolver only for Localhost.
It does not survive a restart though, the DNS Resolver needs to be restarted again after the reboot.
@edanpedragosa thanks for reporting this. I will investigate further. Regarding your workaround, we support tight integration with built-in resolver which is still sometimes used directly by pfSense.
To survive reboot, make sure DNS Resolver is bound to interface localhost only and then create a forwarding rule for gateway.lan to be forwarded to
The full unbound integration article is here: https://support.adamnet.works/t/dns-bindings-practices-when-combining-with-unbound/609
I actually followed that setup except for the section that says optional.