Host Overrides on DNS Resolver Does Not Seem To Work
-
I have had the DNS resolver running (Host Overrides) for a year or more with no issues, but for several months, I have noticed that the host names/domains are not forwarding internally. Is there a good way to check this? The Resolver setting should not have changed, so I am curious what other rules or NAT could affect this. I do not believe I have added anything significant, but am not sure where to even start. The only packages I have installed are Wireguard, pfblocker-ng, openvpn, iperf, and watchdog.
Edit: Using the PING feature under Diagnostics, pfSense can ping these local devices successfully and returns the IP address. I am assuming it is not going out externally. Really baffled why this is not working any longer.
Edit 2: I tried on my Windows and Linux OS but the same issue persists. I can PING the addresses in terminal or the command prompt and get a successful response, not just through pfSense. No browser allows me to resolve those targets though. I also have two different DuckDNS addresses (for two different machines) so it is more than one. I can hit them perfectly fine from outside of the network.
-
@kn4thx you mentioned DNS to start. To what is the DNS query resolving and what are you expecting? pfSense won’t resolve private IPs by default but you can set up a domain or host override.
-
@SteveITS Thanks, it was the Host Overrides.
I am not sure how it changed, and it just occurred to me to check, but my Firefox settings had DNS over HTTPS enabled again. I am not sure how that happened, but I turned it off on both systems and the DNS Resolver Host Overrides work perfectly.
-
@kn4thx this might help with the DoH:
https://github.com/jpgpi250/piholemanual/blob/master/doc/Block%20DOH%20with%20pfsense.pdf