Netgate Discussion Forum
    Discrepancy between dig and DNS lookup

      tbornon

      Hi,

      I have two pfSense routers connected to each other using a WireGuard tunnel.
      Site 1 : 10.83.83.1
      Site 2 : 10.83.83.2

      What I would like to achieve is to be able to access both networks from both locations transparently. I had no issues configuring the routes and I can successfully access all the machines from one site to another using their IPs.

      However, I'm struggling with the DNS resolution. I would like to be able to access machines on the site 2 with the names which are managed by the DNS resolver on the site 2. I therefore configured site 1 pfsense DNS to be 10.83.83.2 :
      6107ff8c-571c-4db7-8fae-e1ce5aef374c-image.png

      But whenever I try to resolve a host configured on site 2 from site 1 with the DNS Lookup tool from the pfSense interface, it fails.

      DNS Lookup from site 2 : we can see the host is resolved without any issue from the local DNS server
      1504d1ba-1a93-4fd7-9c15-1d8df4588dd3-image.png

      DNS Lookup from site 1 : resolve fails
      84cb3eef-d641-4b3e-ad4b-60b646572375-image.png

      But if I try to use dig from the pfsense router on site 1, I successfully get the expected result :
      545b4739-9ce0-404b-b76e-fe93ac7a4f9d-image.png

      I'm surely missing an essential thing in my configuration but I can't find what with the limited knowledge I have.

        johnpoz LAYER 8 Global Moderator @tbornon

        @tbornon if you want site A to resolve stuff from B, then set up a domain override on site A unbound telling it if looking for domainX.tld to ask 10.83.83.2

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07 | Lab VMs 2.8, 25.07

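The domain override suggested above, sketched as an added example that is not part of the thread or of pfSense's own code: it models which queries the override sends to 10.83.83.2 and renders the equivalent plain unbound.conf options. `domainX.tld` is the placeholder from the reply, `nas` is a constructed host name, and the use of `forward-zone` with `private-domain` and `domain-insecure` is an assumption about how such an override is usually expressed in unbound.

```python
import ipaddress

# Constructed sample: domainX.tld is the placeholder from the reply above;
# 10.83.83.2 is site 2's tunnel address from the question.
OVERRIDES = {"domainX.tld": "10.83.83.2"}

def _norm(name):
    """Lower-case a DNS name and drop any trailing root dot."""
    return name.rstrip(".").lower()

def pick_upstream(qname, overrides=OVERRIDES):
    """Return the override server for qname, or None for normal resolution.

    Matching is per label and the longest zone wins: host.domainX.tld
    matches domainX.tld, but notdomainX.tld does not.
    """
    labels = _norm(qname).split(".")
    zones = {_norm(z): ip for z, ip in overrides.items()}
    for i in range(len(labels)):          # longest suffix first
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return zones[candidate]
    return None

def render_unbound(overrides=OVERRIDES):
    """Render the overrides as plain unbound.conf text."""
    server, zones = ["server:"], []
    for zone, ip in sorted(overrides.items()):
        addr = ipaddress.ip_address(ip)   # raises ValueError on a bad address
        if addr.is_private:
            # Allow private addresses in answers for this zone when
            # private-address (rebinding) filtering is enabled.
            server.append(f'    private-domain: "{zone}"')
        # An internal zone has no DNSSEC chain from the root to validate.
        server.append(f'    domain-insecure: "{zone}"')
        zones += ["forward-zone:", f'    name: "{zone}"',
                  f"    forward-addr: {ip}"]
    return "\n".join(server + zones) + "\n"

if __name__ == "__main__":
    print(render_unbound())
    for q in ("nas.domainX.tld", "notdomainX.tld", "example.org"):
        print(q, "->", pick_upstream(q) or "normal resolution")
```

Only names under the overridden zone leave site 1 through the tunnel; every other query keeps its normal resolution path, which limits what the remote resolver sees and can answer for.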
          tbornon @johnpoz

          @johnpoz It works like a charm. Thanks a lot

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.