Seems that I've found the solution to this problem.. Or unless it is working for me for some time without a problem. Go to "Services: DNS forwarder". Uncheck: "Register DHCP leases in DNS forwarder" Save & Apply Uncheck: "Register DHCP static mappings in DNS forwarder" Save & Apply Re-enable the above and Save & Apply in reverse order I'll still checking, but unless now I've my host list complete and without a reboot.

ok i get it working, i just shrink the dhcp range in a half and the other half is for ip assignment. Correct - make a DHCP range that is a part of the LAN subnet. Then allocate static-mapped entries to addresses outside the DHCP range. If you do not want to give out DHCP to unknown clients (ones that have no MAC-address entry) then there is a checkbox to deny unknown clients. When doing that, you could make the DHCP range really small, because nothing is allowed to use it anyway.

Thanks a lot…

@albrandwood: So I tested it, and was able to confirm (at least with 2.0.1) you can use the "server=/domain/ip" command in the advanced option box, if it is followed by "rebind-domain-ok=/domain/" eg: server=/domain/192.168.0.1 server=/domain/192.168.0.2 rebind-domain-ok=/domain/ @ Did this actually work? Specifically, does this actually properly allow /domain/ to resolve DNS entries via either of 192.168.0.1 or 192.168.0.2 - so that your domain overrides are not 'single point of failure'?

The code that parses the text in the Advanced box allows the parameters to be separated by spaces. It puts "–" in front of every space-separated chunk of text. That does not work in your case! The code has to either be smarter and parse the input more (like ignoring space inside of quoted strings) or disallow space-separated parameters - make people put a new-line between every parameter.

It is a CPE, that can connect to internet over xDSL or over LAN interface. On bootup, the CPE makes a discover on lan interface and if option 43.1 is offered, the CPE switches from xDSL to internet over LAN. But by design, the CPE is only listening passive if the DHCP server offers this option. It is not in the Parameter Request List. Thx

What firewall rule/s have you got on the various other VLAN interfaces in pfSense? You will need to allow traffic for protocol TCP+UDP source VLAN2net destination VLAN2address port 53 (DNS) … If you have blocked off all access to VLAN2address, then that will block off the DNS also.

When things like that happen out of the blue the best fixes tend to be: 1. Check/fix the clocks and NTP on both nodes 2. Wipe the DHCP database and let them rebuild it It may have been stuck a while as they resynchronized their lease databases

I have done this accidentally also. pfSense keeps thinking that whatever is in that cache file is the current IP address that the name translates to. I seems like it should actually translate the name out on the real internet and see what that value is, then if it is different from the interface's current public IP, make the change with the dynamic DNS provider. But, I guess, it takes time for a change at the dynamic DNS provider to propagate through the internet DNS and various caches. So the translated name might be a stale value, particularly if the customer has selected a long TTL for the name. I wonder how this can be done better? Delete the cache file from /conf, that will make it forget the last setting and it will have to do an update.

just a cosmetic reason but i managed it with the pfsense dhcp server, thanks anyway

If you have an Active Directory environment, there's probably some way to assign DNS servers via a user-based Group Policy.

Great to hear - and if you donated to pfsense, that is just icing on the cake!  Thanks!!

You need to create a NEW interface, vlan for example. And no there would be no network overlap. As to how dhcp clients would know - you would have to setup a ip helper cisco calls it.  Dhcp relay on your switch.

Albra, Wasn't that comfortable editing the xml but maybe I need to warm up to it on the test box.  Prefer your option "C" the best if it works.  I saw the paste window you describe and hoped it may be a method of bulk entry but the note below states that additional options are to be entered.  I thought "options' meant custom forwarder settings rather than hostname/ip entries similar to the paste window in the unbound package.  So is the syntax hostname/ip<space>hostname/ip<space>hostname/ip? I'm doing many IP's because my network has 10 gateways with distributed DHCP on each subnet.  And I want Kiwi syslog server to resolve private IP's without relying on if the client device had a hostname entered into it's GUI.  If/when PfSense adds multiple DHCP pools such that leases can be served by PfSense to all gateway subnets then I can abandon this method. I use the unbound package so the forwarder is disabled.</space></space>

Yes CopSoft it would be helpful a few more details.  Are you saying a down interface would be needed for each additional DHCP pool desired?  I have about 10 gateways setup on the LAN.  If I need 10 down interfaces this may not be a feasible or practical hack in my case.