pfSense + VIP IP Alias #288
Description
Should ctrld work with pfSense IP aliases? I am trying to get ctrld to be able to resolve hosts when using a pfSense VIP alias. I can see the VIP listed under ctrld clients list
When trying to resolve from pfSense shell this works:
: dig google.com @10.10.10.1
; <<>> DiG 9.20.6 <<>> google.com @10.10.10.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63300
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 8988b446c915c302 (echoed)
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 187 IN A 142.250.185.142
;; Query time: 31 msec
;; SERVER: 10.10.10.1#53(10.10.10.1) (UDP)
;; WHEN: Wed Feb 04 23:03:00 CET 2026
;; MSG SIZE rcvd: 67
While, when resolving from a client, it timeouts and the query is not even visibile in ctrld's logs.
❯ dig google.com @10.10.10.1
;; communications error to 10.10.10.1#53: timed out
;; communications error to 10.10.10.1#53: timed out
;; communications error to 10.10.10.1#53: timed out
; <<>> DiG 9.18.43 <<>> google.com @10.10.10.1
;; global options: +cmd
;; no servers could be reached
Packet capture seems to show that client is reaching out but not getting replies:
23:15:19.083174 IP 10.0.1.214.35987 > 10.10.10.1.53: UDP, length 51
23:15:24.087743 IP 10.0.1.214.51843 > 10.10.10.1.53: UDP, length 51
23:15:29.090951 IP 10.0.1.214.45808 > 10.10.10.1.53: UDP, length 51