Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to Disable connection-specific DNS Suffix

    Scheduled Pinned Locked Moved
    DHCP and DNS
    2
    3
    3.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hepoberman
      last edited by

      Ive been using pfsense as failover dhcp and dns forwarder servers for a while but I just noticed the way windows clients act when a domain is assigned with the dhcp, (probably other clients as well but I'm watching this one with a sniffer atm)

      every dns query sends a query to the dns server asking for example  google.com.localdomain first, then it asks for google.com. 2X traffic to my DNS servers. The first query is always a quick "No such name" but this is a bad use of precious pps across these links.

      Is there a way to get pfsense DHCP to not assign option 15 (domain) in the DHCP grants?

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        how are you doing your query?  With nslookup?  From a browser going to www.google.com

        yeah in nslookup if you don't put the . on the end then sure it will use your search suffix list, which yes will include your local domain.  But that is not what is going to happen using say your normal browser.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        1 Reply Last reply Reply Quote 0
        • H
          hepoberman
          last edited by

          I was using nslookup, (without the dot at the end). I thought I first noticed it using a browser but maybe not. I'll double check, Thanks!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post