It is slower 21.02p1 as well

It works

No complaints

@derelict

Seems to be working. Domain override is working and Im not seeing any other interfaces going to the internet.

I guess I overthought the implementation, thanks!

Glad you got it sorted..

In my ongoing "battle" with DDNS and dynamic prefixes I was able to get a "RFC 2136 Client" in pfSense working with dynv6.com. The "normal" DDNS-Client in pfSense for dynv6 wouldn't work for me. 😢

Anyway, what it allows me, is to have a prefix on an interface in the DNS. Together with static interface identifiers (host part), like you can have in pfSense with DHCPv6 Static Mappings on an interface which tracks IPv6-WAN, now the hosts have a working DDNS, because the changing prefix get registered in DNS, not only in pfSense.
Capturexy.JPG

dynv6.com even allows you to use your own sub-domain via delegation, which I did.

@tomashk Thank you very much, that helped!)

Yeah that allows you to use a domain that is public, and look up non local resources. I personally think it should default to static.. To prevent queries for domain that doesn't exist in the public space.

I have mine set to static, since the domain I use locally doesn't exist in the public space - so no point in trying to resolve public if there is no local record..

Them pointing cname to cname isn't best practice either. While its allowed - it causes extra lookups..

;; QUESTION SECTION: ;www.broadcom.com. IN A ;; ANSWER SECTION: www.broadcom.com. 300 IN CNAME cdn.broadcom.com. cdn.broadcom.com. 3600 IN CNAME www.broadcom.com.cdn.cloudflare.net.

If they want www.broadcom.com to point to www.broadcom.com.cdn.cloudflare.net.

Then they should just do that, but they are pointing to cdn.broadcom.com first, which then points to the cloudflare.net cname..

Its not efficient to do that.. Just causes extra work..

@fearlessfara I realize this question is getting older, but since it's a main result in search engines I want to add that now with the latest pfSense version you no longer use the record ID. Just use the actual host name, e.g. "host", and "domain.com" for domain. It just works now; right inside pfSense. Though the instructions on the dynamic DNS client edit page still talk about using the Record ID for DigitalOcean, which is no longer correct. It would have saved me hours if the instructions had been updated. So maybe this additional info will help someone.

Nevermind. Recreating DDNS entry with domain name + key resolved the issue. So just a glitch after upgrade :)

Oh. ? Had originally enabled on OPT1 to mirror OLD router's scope, save myself having to make lots of changes. Then decided to just "bite the bullet" and get it over with. Deleted the DHCP server and disabled the interface.

Static leases remained on the Status | DHCP Leases page. Had to re-enable the interface w/ a stack address of old scope, THEN go to Services | DHCP Server and was able to delete them.

I suppose that makes sense as old statics could still have routes... None existed, but.

Still neophyte RE pfSense. That's why I bought it, want to learn, what does the world (network) look like from the BSD/pfSense view.

Thanks for taking the time to reply. Just didn't "see" the 3rd octet being foreign. Sheesh.

There is nothing magic about this, route port 80 and 443 to your local webserver, in the webserver you configure which host(fqdn) goes to which configuration as all http/https traffic will pass as is. Your ISP modem will have to be in bridge mode though, double NAT doesn't always work and CGNAT does not work at all.

@gertjan thank you, that makes sense

Glad its sorted - odd that 1.13.0 no parse error but 1.13.1 parse error.

If you have any questions with setting up tunnel from HE.. Just ask - be using them for like 11 some years..

I'm a big fan of just using tunnel vs what normally amounts to a shitty deployment from ISPs - because its static, you can take it with you no matter what ISP you move too.. And makes it very easy to setup whatever /64 prefixes you want on your local vlans, etc.

They have a great global IPv6 backbone with tons of great peering..

@90ninety said in Gateway DHCP Down:

Thanks for the help

😉