After upgrade to PLUS from CE 2.7.2
-
Hello, good morning.
I upgraded from pfsense ce 2.72 to pfsense plus ver 24.03.
After the update these DNS addresses appeared with ::1.
What are they? Where do you change it? I didn't have them before upgrading.
-
@Unoptanio that is just the localhost IPv6 address, think 127.0.0.1 but for IPv6.. You can make it go away if you want.. But not really any reason to. If me I would remove the Cloudflare IPs - are you actually forwarding.. Or did you just think you needed to add dns.. Out of the box unbound resolves. There is no need to add any other dns to pfsense.
There are multiple threads around here about this - notice not showing it in mine on 24.03 - because I just never changed it back from a somewhat recent thread showing someone else how to remove it if they wanted to. I will see if I can dig up the previous thread and link to it.
Here is one of the threads.
https://forum.netgate.com/post/1178723
Simple work around to remove it.. Is set dns to 127.0.0.1 and set unbound to only use "remote" which it now thinks is the loopback address only ;)
No more ::1 listed in your dns ;)
-
-
@Unoptanio not sure what you're trying to show there? Yeah that is how it works.. If you ask dns to lookup something it will ask all the ns you have listed..
What's your question?
I take it you're doing dot forwarding since you have the fqdn listed there for cloudflare.
Keep in mind when you tell pfsense to lookup something, or it needs to lookup something itself and uses those.. Say for a check if there is an update - it isn't going to be using dot.. Only unbound would use dot when it gets asked to lookup something and you're forwarding. If you have 1.1.1.1 listed as pfsense dns, and pfsense itself goes to lookup something from 1.1.1.1 it's just going to use a normal in the clear dns over 53.
If you want to make sure pfsense never asks in the clear and only via dot, then you put your NS in there you want to ask using dot, and set pfsense itself to ignore remote and only ask local host.
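
An added example, not part of any post in this thread: a small check for the situation described in the last reply, listing the resolvers the firewall itself would query in the clear. It assumes the system's own resolver list lives in `/etc/resolv.conf` in the usual `nameserver <address>` format; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: find non-loopback resolvers in a resolv.conf-style file.
# Assumption: the firewall's own lookups use the nameserver lines in this file,
# so any address other than 127.0.0.0/8 or ::1 receives plain DNS on port 53.

# Constructed sample mirroring the thread: loopback entries plus Cloudflare.
sample_resolv_conf() {
cat <<'EOF'
nameserver 127.0.0.1
nameserver ::1
nameserver 1.1.1.1
nameserver 1.0.0.1
search home.arpa
EOF
}

# Read resolv.conf text on stdin, print each non-loopback nameserver.
plaintext_resolvers() {
    awk '
        $1 == "nameserver" {
            addr = $2
            sub(/%.*/, "", addr)      # drop an IPv6 zone id such as %lo0
            if (addr ~ /^127\./ || addr == "::1") next
            print addr
        }'
}

# Audit a file: return 0 when only loopback is listed, 1 otherwise.
audit_resolv_conf() {
    file=${1:-/etc/resolv.conf}
    remote=$(plaintext_resolvers < "$file")
    if [ -z "$remote" ]; then
        echo "OK: only loopback resolvers in $file"
        return 0
    fi
    echo "Non-loopback resolvers in $file (system lookups go out over plain 53):"
    echo "$remote" | sed 's/^/  /'
    return 1
}

# Demo on the constructed sample: prints the two Cloudflare addresses.
sample_resolv_conf | plaintext_resolvers
```

Running `audit_resolv_conf` with no argument checks `/etc/resolv.conf`; after setting the system to ignore remote servers and use only localhost, it should report only loopback entries.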