>From my Mac inside the firewall. 00:27:51 Thu Jan 27 $ cat /etc/resolv.conf # comments snipped domain lambertfam.org nameserver 192.168.41.1
00:27:29 Thu Jan 27 $ dig col-br.gvh.tcworks.net ; <<>> DiG 9.6.0-APPLE-P2 <<>> col-br.gvh.tcworks.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21011 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;col-br.gvh.tcworks.net. IN A ;; Query time: 6 msec ;; SERVER: 192.168.41.1#53(192.168.41.1) ;; WHEN: Thu Jan 27 00:27:38 2011 ;; MSG SIZE rcvd: 40 00:27:38 Thu Jan 27 $ dig col-br.gvh.tcworks.net @216.61.218.2 ; <<>> DiG 9.6.0-APPLE-P2 <<>> col-br.gvh.tcworks.net @216.61.218.2 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37632 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;col-br.gvh.tcworks.net. IN A ;; ANSWER SECTION: col-br.gvh.tcworks.net. 86400 IN A 10.128.1.11 ;; AUTHORITY SECTION: gvh.tcworks.net. 86400 IN NS ns2.tcworks.net. gvh.tcworks.net. 86400 IN NS ns3.tcworks.net. gvh.tcworks.net. 86400 IN NS ns1.tcworks.net. ;; ADDITIONAL SECTION: ns1.tcworks.net. 600 IN A 216.61.218.2 ns2.tcworks.net. 600 IN A 216.61.218.3 ns3.tcworks.net. 600 IN A 69.153.112.21 ;; Query time: 4 msec ;; SERVER: 216.61.218.2#53(216.61.218.2) ;; WHEN: Thu Jan 27 00:27:51 2011 ;; MSG SIZE rcvd: 158 2.0-BETA4 FreeBSD pfsense.lambertfam.org 8.1-RELEASE-p1 FreeBSD 8.1-RELEASE-p1 #0: Wed Sep 29 14:52:58 EDT 2010 sullrich@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 i386 The firewall has been up 110 days, 15:34. A reboot didn't change the situation. I also upgraded to the Jan 26th snapshot and found the same results. Hostnames in the same subdomain without the hyphen work through dnsmasq on the pfSense box. 00:52:21 Thu Jan 27 $ dig col.gvh.tcworks.net ; <<>> DiG 9.6.0-APPLE-P2 <<>> col.gvh.tcworks.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46942 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;col.gvh.tcworks.net. IN A ;; ANSWER SECTION: col.gvh.tcworks.net. 86400 IN A 64.250.41.2 col.gvh.tcworks.net. 86400 IN A 69.153.112.50 ;; AUTHORITY SECTION: gvh.tcworks.net. 86400 IN NS ns1.tcworks.net. gvh.tcworks.net. 86400 IN NS ns2.tcworks.net. gvh.tcworks.net. 86400 IN NS ns3.tcworks.net. ;; ADDITIONAL SECTION: ns1.tcworks.net. 600 IN A 216.61.218.2 ns2.tcworks.net. 600 IN A 216.61.218.3 ns3.tcworks.net. 600 IN A 69.153.112.2 [2.0-BETA5][ad...@pfsense.lambertfam.org]/root(1): cat /etc/resolv.conf domain lambertfam.org nameserver 216.61.218.2 nameserver 216.61.218.3 nameserver 69.153.112.21 [2.0-BETA5][ad...@pfsense.lambertfam.org]/root(2): dig col-br.gvh.tcworks.net ; <<>> DiG 9.6.2-P2 <<>> col-br.gvh.tcworks.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62076 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;col-br.gvh.tcworks.net. IN A ;; ANSWER SECTION: col-br.gvh.tcworks.net. 86400 IN A 10.128.1.11 ;; AUTHORITY SECTION: gvh.tcworks.net. 86400 IN NS ns1.tcworks.net. gvh.tcworks.net. 86400 IN NS ns2.tcworks.net. gvh.tcworks.net. 86400 IN NS ns3.tcworks.net. ;; ADDITIONAL SECTION: ns1.tcworks.net. 600 IN A 216.61.218.2 ns2.tcworks.net. 600 IN A 216.61.218.3 ns3.tcworks.net. 600 IN A 69.153.112.21 ;; Query time: 49 msec ;; SERVER: 216.61.218.2#53(216.61.218.2) ;; WHEN: Thu Jan 27 00:58:21 2011 ;; MSG SIZE rcvd: 158 [2.0-BETA5][ad...@pfsense.lambertfam.org]/root(3): dig col-br.gvh.tcworks.net @127.0.0.1 ; <<>> DiG 9.6.2-P2 <<>> col-br.gvh.tcworks.net @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4961 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;col-br.gvh.tcworks.net. IN A ;; Query time: 7 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu Jan 27 01:00:23 2011 ;; MSG SIZE rcvd: 40 -- Scott Lambert KC5MLE Unix SysAdmin lamb...@lambertfam.org --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org