Table of Contents

PFSense - DNS - Troubleshooting - notice sendto failed Permission denied

Navigate to Status → System Logs → System → DNS Resolver.

Many log message showing errors such as:

Mar 26 13:21:16 	unbound 	33572:0 	notice: sendto failed: Permission denied 


Cause & Fix

IPv6 could be disabled on the WAN port

NOTE: The resolver settings are not dynamically checking/applying upstream ipv4/6 connectivity but assuming both are active.

Simply ignore for these messages for now, or allow IPv6 on the WAN.


Suricata may be blocking these addresses

Usually due to ET DNS Query to a *.pw domain - Likely Hostile.


Unbound may have crashed

In the past Unbound could crash with a buffer overflow.

But this should have been fixed.