Netgate Discussion Forum

    DNS setting not working correctly

    • gdy1039

      I am on pfSense 2.0.2.
      Case 1:
      I set my DNS servers in System: General Setup like this:

      10.0.0.252
      202.96.128.86

      Then resolv.conf looks like this:

      domain localdomain
      nameserver 127.0.0.1
      nameserver 10.0.0.252
      nameserver 202.96.128.86

      10.0.0.252 is my local DNS server; 202.96.128.86 is the ISP DNS server.

      If I set it up like that, the DNS server 10.0.0.252 will not work.
      Domains on 10.0.0.252 can't be resolved with nslookup,
      but the ISP DNS works.

      Case 2:
      If I delete the line "nameserver 127.0.0.1" in /etc/resolv.conf from the shell, the DNS server 10.0.0.252 works!
      And the ISP DNS works too.

      Case 3:
      If I put the ISP DNS 202.96.128.86 first, it works.

      So what's the problem in case 2?
      Who knows? Please tell me.
      Thank you so much.

      • jimp (Rebel Alliance Developer, Netgate)

        By default, pfSense will use the DNS Forwarder (dnsmasq) for DNS queries. It sends a DNS request to all servers at once and uses the fastest reply.

        If you don't want that to happen, go to System > General and check "Do not use the DNS Forwarder as a DNS server for the firewall"

        Though it sounds like maybe you aren't doing the right thing with the config in general. If there are DNS queries that only 10.0.0.252 can answer, including the public DNS server in the DNS settings may not be ideal. If there is a specific domain that must be resolved using 10.0.0.252, then you can add a domain override to the DNS forwarder to ensure it's properly used for that domain's DNS queries.

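Added example, not part of jimp's post and not pfSense or dnsmasq code: a small Python model of the behaviour described above, where the forwarder asks every configured server and uses the fastest reply, and a domain override pins one zone to one server. The domain `corp.example` and the latencies are constructed, and the model assumes a negative answer (NXDOMAIN) from a server that does not host the zone counts as a reply.

```python
from dataclasses import dataclass

PRIVATE_ZONE = "corp.example"  # constructed internal domain, not from the thread

def in_zone(name, zone):
    """True if name equals zone or is a subdomain of it."""
    name, zone = name.lower().rstrip("."), zone.lower().rstrip(".")
    return name == zone or name.endswith("." + zone)

@dataclass(frozen=True)
class Upstream:
    ip: str
    latency_ms: float      # constructed round-trip time
    knows_private: bool    # does this server host PRIVATE_ZONE?

    def reply(self, name):
        # Assumption: a server without the private zone answers NXDOMAIN.
        if in_zone(name, PRIVATE_ZONE) and not self.knows_private:
            return "NXDOMAIN"
        return "NOERROR"

LOCAL = Upstream("10.0.0.252", 12.0, True)    # local DNS server in the thread
ISP = Upstream("202.96.128.86", 8.0, False)   # ISP DNS server in the thread

def forward(name, upstreams=(LOCAL, ISP), overrides=None):
    """Return (winner_ip, rcode, asked_ips) for one query."""
    overrides = overrides or {}
    matches = [zone for zone in overrides if in_zone(name, zone)]
    if matches:
        # Domain override: the most specific zone pins the query to one server.
        candidates = [overrides[max(matches, key=len)]]
    else:
        # No override: every configured server is asked at once.
        candidates = list(upstreams)
    winner = min(candidates, key=lambda u: u.latency_ms)  # fastest reply wins
    return winner.ip, winner.reply(name), [u.ip for u in candidates]

if __name__ == "__main__":
    name = "intranet." + PRIVATE_ZONE
    print("no override:  ", forward(name))
    print("with override:", forward(name, overrides={PRIVATE_ZONE: LOCAL}))
    print("public name:  ", forward("www.example.org", overrides={PRIVATE_ZONE: LOCAL}))
```

The `asked_ips` element also shows that, without the override, the internal hostname is sent to the ISP server as well as the local one.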
        • gdy1039

          @jimp:

          By default, pfSense will use the DNS Forwarder (dnsmasq) for DNS queries. It sends a DNS request to all servers at once and uses the fastest reply.

          If you don't want that to happen, go to System > General and check "Do not use the DNS Forwarder as a DNS server for the firewall"

          Though it sounds like maybe you aren't doing the right thing with the config in general. If there are DNS queries that only 10.0.0.252 can answer, including the public DNS server in the DNS settings may not be ideal. If there is a specific domain that must be resolved using 10.0.0.252, then you can add a domain override to the DNS forwarder to ensure it's properly used for that domain's DNS queries.

          Glad to see your reply.
          I can't understand your explanation, but…
          I added my local domain here, and the DNS answers correctly:
          Services -> DNS forwarder -> Domain overrides
          Thanks so much.

          • rakeshvijayan

            Glad to see your reply.
            I can't understand your explanation, but…
            I added my local domain here, and the DNS answers correctly:
            Services -> DNS forwarder -> Domain overrides
            Thanks so much.

            YOU DON'T NEED TO ADD ANY SETTING OVER THERE. YOU HAVE TO INSERT THE CORRECT DNS ENTRY IN THE GENERAL SETUP AND SELECT THE CORRECT GATEWAY FOR THE DNS. OR TRY TO INSERT GOOGLE DNS 8.8.8.8 FOR CHECKING AND SELECT THE GATEWAY YOU WISH, THEN TRY TO PING GOOGLE FROM THE DIAGNOSTIC TAB; BY THAT YOU CAN REALIZE IF IT IS A DNS PROBLEM OR NOT. ON THE Services -> DNS forwarder PAGE YOU ONLY HAVE TO PUT A TICK MARK ON (ENABLE DNS FORWARDING TAB)
