Netgate Discussion Forum

    DNS Forwarder cache and configuration issues - Fresh eyes needed

    DHCP and DNS
    • Ralphys

      DNS Forwarder cache and configuration issues - Fresh eyes needed

      Hello all,

      I haven't used dnsmasq in pfSense in a long time. Today, while testing DNS Forwarder in pfSense 2.4.2_1 (latest stable), I stumbled upon two issues:

      1- DNS Forwarder does not seem to be caching requests
      2- DNS Forwarder does not seem to read my custom /usr/local/etc/dnsmasq.conf file

      1. When I dig a domain I'm not getting any cached responses from DNS Forwarder

      2. I have later tried to use my own dnsmasq.conf configuration file but that hasn't helped me at all

      /usr/local/etc/dnsmasq.conf

      I have created a /usr/local/etc/dnsmasq.d directory to add additional .conf files but they do not seem to be loading at all.

      For example, I've added a blacklist.conf file to block a bunch of hosts and I don't get the response I'm expecting from dnsmasq. It's like it isn't even looking at the file.

      Could someone give DNS Forwarder a try in 2.4.2_1 and confirm (duplicate) this behavior? Is there something wrong with my configuration? Please HELP!

      P.S. I've created a bash script using zenity to easily generate blacklist.conf files for unbound and dnsmasq. I think it will be helpful for those less familiar with a terminal. I'm also skipping zenity in a later version to be able to run it in a pfSense box on a schedule and update the blacklist automatically.

      • Gertjan

        @rafaelr:

        DNS Forwarder cache and configuration issues - Fresh eyes needed

        Hello all,

        I haven't used dnsmasq in pfSense in a long time. Today, while testing DNS Forwarder in pfSense 2.4.2_1 (latest stable), I stumbled upon two issues:

        1- DNS Forwarder does not seem to be caching requests
        2- DNS Forwarder does not seem to read my custom /usr/local/etc/dnsmasq.conf file

        1. When I dig a domain I'm not getting any cached responses from DNS Forwarder

        2. I have later tried to use my own dnsmasq.conf configuration file but that hasn't helped me at all

        /usr/local/etc/dnsmasq.conf

        I have created a /usr/local/etc/dnsmasq.d directory to add additional .conf files but they do not seem to be loading at all.

        For example, I've added a blacklist.conf file to block a bunch of hosts and I don't get the response I'm expecting from dnsmasq. It's like it isn't even looking at the file.

        Hi,

        "Never ever" change these files directly. Use the GUI. That's what pfSense is all about.
        Extra options to include can be pasted (before rigorous checking) into the GUI, which maintains the settings files on disk.

        It's very well possible to set up dnsmasq manually, the old-fashioned way, but in that case it might be better that you install a native FreeBSD, add the needed packages and create a firewall by hand. Now you have the possibility of editing files manually without consequences.

        Your last 7 images, those that show the settings used for the "DNS Blacklist generator": the last image shows the path to something that could be related to unbound, not the forwarder.
        What are you using, the forwarder (dnsmasq) or the resolver (== unbound)?

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit: and where are the logs??
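
The reply above says extra dnsmasq options should be checked before they are pasted into the GUI. As an added example (not code from either poster or from pfSense), this sketch converts a hosts-style blocklist into dnsmasq `address=` lines and drops every token that is not a plain hostname, so a third-party list cannot smuggle other text into the options. The function names, the hosts-format input and the 0.0.0.0 sink address are assumptions; the sample list is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): hosts-style blocklist -> dnsmasq
# "address=" options, keeping only well-formed hostnames.

# Constructed sample input. Real lists come from third parties and are untrusted.
sample_blocklist() {
cat <<'EOF'
# constructed sample blocklist
0.0.0.0 ads.example.com
127.0.0.1 tracker.example.net   # inline comment
0.0.0.0 ADS.example.com
0.0.0.0 broken.example.com/extra
0.0.0.0 bad_host.example.com
0.0.0.0 localhost
192.0.2.1 not-a-block-entry.example.org
EOF
}

# Reads hosts-format lines on stdin, writes one dnsmasq option per line on stdout.
hosts_to_dnsmasq() {
    awk '
    {
        sub(/\r$/, "")                      # tolerate CRLF line endings
        sub(/#.*/, "")                      # strip full-line and inline comments
        if (NF < 2) next
        # Only the usual sinkhole prefixes count as block entries.
        if ($1 != "0.0.0.0" && $1 != "127.0.0.1") next
        for (i = 2; i <= NF; i++) {
            h = tolower($i)
            if (h == "localhost") continue
            # Letters, digits and hyphens per label, at least one dot, no "/", "=" or "_".
            if (length(h) > 253 || h !~ /^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z][a-z0-9-]*[a-z0-9]$/) {
                rejected++
                continue
            }
            if (!(h in seen)) { seen[h] = 1; print "address=/" h "/0.0.0.0" }
        }
    }
    END { if (rejected) printf "rejected %d malformed entries\n", rejected | "cat 1>&2" }
    '
}

# Stand-alone run on the constructed sample.
sample_blocklist | hosts_to_dnsmasq
```

The rejected count goes to stderr, so stdout contains only option lines that can be reviewed and pasted.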

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.