DNS resolver and "split DNS"
-
I am trying to have a VPN client use a dnsforge.de dns server while still being able to resolve local dns domains
VPN interface: 192.168.100.1
In DNS resolver, I add these fields:

# Forward non local VPN queries to dnsforge server:
access-control-view: 192.168.100.0/24 vpnview
access-control-view: 192.168.10.0/24 default

# Default view for everyone else (no forwarding)
view:
    name: "default"
    view-first: yes

# VPN clients forwarded to dnsforge, except for local domains
view:
    name: "vpnview"
    view-first: yes
    forward-zone:
        name: "."
        forward-addr: 49.12.222.213

It works for VPN clients. However, my 192.168.10.50 local host is now also forwarded to the dnsforge server instead of the default global DNS servers defined under General.
How can I achieve this? Sadly, Android always uses the first DNS pushed, so the only option is server side.
-
@phil80
Ok, short answer: unbound doesn't support forward-zone: per view. It is applied globally. There's an ongoing GitHub feature request for this.
If someone has another idea to achieve my goal it'd be welcome
-
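Why the forward-zone ended up global, as an added example that is not part of the thread: unbound.conf clauses are flat and indentation carries no meaning, so a forward-zone: written under a view: opens a new top-level clause. The sketch parses a constructed config laid out like the options posted above (the indentation, the clause subset and the names parse_clauses and audit are assumptions of this example) and reports the scope the forward zone really has.

```python
import re

# Constructed sample laid out like the options posted in the thread (indentation assumed).
SAMPLE = """\
access-control-view: 192.168.100.0/24 vpnview
access-control-view: 192.168.10.0/24 default
view:
    name: "default"
    view-first: yes
view:
    name: "vpnview"
    view-first: yes
    forward-zone:
        name: "."
        forward-addr: 49.12.222.213
"""

# Clause openers (subset of unbound.conf(5)); each one closes the previous clause.
CLAUSES = {"server", "view", "forward-zone", "stub-zone", "auth-zone", "remote-control"}

def parse_clauses(text):
    """Return [(clause, indent, {option: [values]})] in file order."""
    # Assumption: options before the first opener belong to server:.
    clauses = [("server", 0, {})]
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()          # drop comments
        m = re.match(r"(\s*)([\w-]+):\s*(.*)$", line)
        if not m:
            continue
        indent, key, value = len(m.group(1)), m.group(2), m.group(3).strip().strip('"')
        if key in CLAUSES and not value:
            clauses.append((key, indent, {}))         # new top-level clause
        else:
            clauses[-1][2].setdefault(key, []).append(value)
    return clauses

def audit(text):
    """List forward zones with their real scope and the view they only appear to sit in."""
    findings, last_view = [], None
    for clause, indent, opts in parse_clauses(text):
        if clause == "view":
            last_view = (opts.get("name", ["?"])[0], indent)
        elif clause == "forward-zone":
            nested = last_view[0] if last_view and indent > last_view[1] else None
            findings.append({"zone": opts.get("name", ["?"])[0],
                             "forward_addr": opts.get("forward-addr", []),
                             "scope": "global", "looks_nested_in_view": nested})
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A non-empty looks_nested_in_view marks a forwarder that every client, not only the named view's subnet, will be sent to.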
@phil80 You could try a NAT rule on that VLAN:
https://docs.netgate.com/pfsense/en/latest/recipes/dns-redirect.html (see the Tip)
-
@SteveITS said in DNS resolver and "split DNS":
@phil80 You could try a NAT rule on that VLAN:
https://docs.netgate.com/pfsense/en/latest/recipes/dns-redirect.html (see the Tip)
That doesn't work as I said: Android won't check second or more pushed dns servers if first one fails
Nat redirect will redirect all client dns queries (port based), not queries for a domain name
-
@phil80 oh I see nvm then