DNS Forwarder VS setting firewall-rules to direct request to your own DNS server
-
Hi all,
I've got a machine set up to act as a DNS server. I'm planning
to use the router's public IP as its public IP.
router -> pfsense -> my DNS server.
The router's DMZ has been set up so that it forwards requests to pfsense.
I'm thinking that I should be able to define a new firewall rule
that's basically saying:
WAN -> LAN .. source:* mydnsserver:53
and vice-versa from LAN->WAN
I couldn't make it work. There seem to be other rules that block
for some reason.
Another solution that I'm thinking of is to define the DNS forwarder feature
in pfsense. Though I don't really have a clue what this does?
Could someone help?
Thanks,
-
The DNS forwarder is simply a DNS cache that will resolve DNS requests that it doesn't have in its cache through the DNS servers specified at System > General. You can make some custom resolutions by entering special DNS servers for special domains or overriding some hostnames by using static mappings.
-
So, does this mean the DNS forwarder on pfSense is likely to crash if used extensively?
And so, if wanting to use it extensively, use firewall rules?
Kaz
-
Define extensively, I think to answer the overall question.
-
Until now I did not have a single problem with that DNS forwarder, and believe me: it is used like hell here :-)
I have 500 clients behind our own 2 DNS servers and both of them use pfSense's DNS forwarder as the next DNS hop… it runs... no crashes...
Use it and have fun !!! :D