forget the highlighting apparently. doesn't work in "code" sections!

Should I just configure a cron to periodically restart the DNS Forwarder?

Where you already have internal DNS servers, the only benefit of the DNS forwarder is it may improve lookup performance since it'll query all its configured servers simultaneously and take the fastest response. Aside from that, it's mostly beneficial for networks that don't have any local DNS servers.

Hmmmm… OK I have that set in my dhcpd.conf so some firewall rule on the server running dhcpd is blocking it from either sending or receiving the request. Thanks for all your help, I will have to continue to poke at this one. Edit: Got it to work, not exactly quite sure how yet. I did end up changing the listening ethernet port as 2 of 4 are on the same subnet/switch and deleting the dhcp ports firewall rule and it just started working. Thanks again for the help and direction.

Sorry for the late reply. The way I am reading the comment in pfSense is that I can not use the same DNS'es for both WAN. So I have set up two DNS'es for each WAN and they are not the same. Am I thinking the right way here? Or could I have used the same two DNS'es for both WAN? For WAN1 I am using 208.67.222.222 and 208.67.222.220 For WAN2 I am using 208.67.220.220 and 208.67.220.222

Thanks for the help.  With this information, I did a search for posts by stephenw10 and found the following post containing a script that cycles the WAN interface to do what I need. http://forum.pfsense.org/index.php?topic=43729.0

DNS Forwarder Strict Order Option Patch Attached patch file adds a DNS forwarder strict order option to System: General page. The strict order option cause dnsmasq to query each of the DNS servers in sequential order rather than all at once in parallel. Patches are intended as examples only. Patches are AS IS and Untested. Not for production use. Do NOT use in production environment. Use at your own risk. No support. By using these patches you agree to assume all liability. Save Attached File: System.DNSForwarderStrictOrder.patch(.txt) Apply Patch: patch -p0 -i System.DNSForwarderStrictOrder.patch Patch file built with: 2.0.1-RELEASE (i386) built on Mon Dec 12 18:24:17 EST 2011   System.DNSForwarderStrictOrder.patch.txt

An easier way to accomplish "resolve locally only" is to add the dnsmasq custom option local=/domain-name/ in the Advanced section on Services -> DNS Forwarder

http://doc.pfsense.org/index.php/Why_can%27t_I_have_static_mappings_inside_my_DHCP_range%3F

I'm not aware of any provider that requires more frequent than that, which are you seeing where that's the case? Generally it's a month or more. That's hard coded in the source, /etc/inc/dyndns.class

Feel so stupid????????? Client isolation was on. I really thought i've shut it of. Thx for the help. Finally my hotspot is running as it should be.

I'm having the same problem! When I Disable "DNS Rebinding Checks", stop squid authentication on AD. I'm studing any solution.  ;D

rajbps, Use one of these reverser proxy servers: squid3 varnish apache2+modsecurity haproxy att, Marcello Coutinho

who may help add the DNSCurve in pfsense? see informations: http://curvedns.on2it.net http://dnscurve.org/crypto.html

In a normal setup, how would the 2k8 server dhcp be able give wan interface of your router address via dchp.  They clearly should not on the same wire (switch) I agree an actual drawing would be nice.  From your post modem –- wan (pfsense) lan -- 2k8 -- clients? Do you have multiple interfaces on 2k8?  Do you man that lan of pfsense connected to switch, and then both clients and 2k8 all connected to same switch? Seems like you must have your pfsense interfaces not connected correctly if 2k8 dhcp is handing it an IP.

Aaaaaand last one (domain controller VM network configuration). [image: DC-netconfig.PNG] [image: DC-netconfig.PNG_thumb]

Went back and deleted all the VLANs again and set them up, one by one, and disabled the DHCP daemon for each one as I went. I was able to get them all setup this way and still have the LAN DHCP service functioning. Went back in and enabled JUST the VLAN40 DHCP server and restarted the DHCP daemon.  It continued to work….. ??? Really didn't do anything different this time, from a setup perspective.  What I did originally should have been fine. Not sure why it's acting normally now.  Hate when things fix themselves!  I'd rather it stay broken so I could understand what the problem was until I fixed it.