Netgate Discussion Forum

DNS Forwarder dnsmasq not working

DHCP and DNS
  • CrisKolkman
    Jan 4, 2018, 2:35 PM (last edited Jan 4, 2018, 2:53 PM)

    Hello all,

    I am trying to use DNS Forwarder to make pfSense respond to a specific wildcard domain, but it is not working.
    This is my /usr/local/etc/dnsmasq.conf:

    # Tells dnsmasq to never forward queries for plain names, without dots or domain parts, to upstream nameservers.
    # If the name is not known from /etc/hosts or DHCP then a "not found" answer is returned.
    domain-needed
    # Bogus private reverse lookups.
    # All reverse lookups for private IP ranges (ie 192.168.x.x, etc) which are not found in /etc/hosts or the DHCP leases file are answered
    # with "no such domain" rather than being forwarded upstream.
    bogus-priv
    #
    # LAN domain lookups
    #
    # Add local-only domains here, queries in these domains are answered
    # from /etc/hosts or DHCP only.
    local=/mydomain/
    domain=mydomain
    #
    # Add the domain to simple names (without a period) in /etc/hosts in the same way as for DHCP-derived names.
    # Note that this does not apply to domain names in cnames, PTR records, TXT records etc.
    expand-hosts
    #
    # increase DNS cache size
    cache-size=10000
    # Set the maximum number of concurrent DNS queries. The default value is 150
    dns-forward-max=300
    resolv-file=/var/etc/resolv.conf
    #conf-dir=/usr/local/etc/dnsmasq.d
    address=/.sub.domain.io/127.0.0.1
    

    But it keeps forwarding the requests to the Google DNS server:

    
    Jan 4 15:34:48	dnsmasq	62855	query[A] testing.sub.domain.io from 192.168.200.244
    Jan 4 15:52:08	dnsmasq	62855	forwarded testing.sub.domain.io to 8.8.4.4
    Jan 4 15:52:08	dnsmasq	62855	reply testing.sub.domain.io is EXTERNAL_IP
    
    

    Running:

    
    Version	2.4.2-RELEASE-p1 (amd64) 
    built on Tue Dec 12 13:45:26 CST 2017 
    FreeBSD 11.1-RELEASE-p6 
    
    The system is on the latest version.
    Version information updated at Thu Jan 4 15:14:52 CET 2018
    
    
    • Gertjan
      Jan 4, 2018, 3:40 PM

      Hi,

      I'm using the default Resolver.
      Added "sub.domain.io" to the host override, using IP 127.0.0.1.

      Then I launched a ping to this domain.
      The result - returning IP - was 127.0.0.1.

      Mission accomplished ?

      See image.

      edit : based my reply on https://forum.pfsense.org/index.php?topic=141242.0 from a couple of days ago.


      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      • johnpoz LAYER 8 Global Moderator
        Jan 4, 2018, 3:42 PM

        https://doc.pfsense.org/index.php/Wildcard_Records_in_DNS_Forwarder/Resolver

        your address has .sub which is wrong..

        address=/.sub.domain.io/127.0.0.1

        should be
        address=/sub.domain.io/127.0.0.1

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11
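
Added example, not part of the thread and not pfSense or dnsmasq code: a Python check that reads the `address=` and `local=` lines from a dnsmasq config and flags log lines where a name under one of those domains was still `forwarded` upstream, which is the symptom shown in the first post. The sample config and log are constructed from the lines quoted above, and the function names are hypothetical.

```python
import re

# Constructed sample input, modelled on the config and log lines quoted in the thread.
SAMPLE_CONF = """\
domain-needed
local=/mydomain/
#conf-dir=/usr/local/etc/dnsmasq.d
address=/sub.domain.io/127.0.0.1
"""
SAMPLE_LOG = """\
Jan 4 15:34:48 dnsmasq 62855 query[A] testing.sub.domain.io from 192.168.200.244
Jan 4 15:52:08 dnsmasq 62855 forwarded testing.sub.domain.io to 8.8.4.4
Jan 4 15:52:09 dnsmasq 62855 forwarded mysub.domain.io to 8.8.4.4
Jan 4 15:52:10 dnsmasq 62855 forwarded www.example.org to 8.8.4.4
"""

# address=/dom1[/dom2...]/ip  or  local=/dom1[/dom2...]/
OVERRIDE_RE = re.compile(r"^(?:address|local)=/(.+)/([^/]*)$")
FORWARD_RE = re.compile(r"\bforwarded\s+(\S+)\s+to\s+(\S+)")

def local_domains(conf_text):
    """Domains that address=/local= lines say must be answered locally."""
    domains = set()
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        m = OVERRIDE_RE.match(line)
        if not m:
            continue
        for dom in m.group(1).split("/"):
            # Dots are stripped for matching only (assumption of this example),
            # so both spellings discussed in the thread compare equal.
            dom = dom.strip(".").lower()
            if dom:
                domains.add(dom)
    return domains

def leaked_queries(conf_text, log_text):
    """(name, upstream) for each forwarded name that falls under a local domain."""
    domains = local_domains(conf_text)
    leaks = []
    for line in log_text.splitlines():
        m = FORWARD_RE.search(line)
        if not m:
            continue
        name = m.group(1).rstrip(".").lower()
        # Match on label boundaries: mysub.domain.io is not under sub.domain.io.
        if any(name == d or name.endswith("." + d) for d in domains):
            leaks.append((name, m.group(2)))
    return leaks

if __name__ == "__main__":
    for name, upstream in leaked_queries(SAMPLE_CONF, SAMPLE_LOG):
        print(f"override not applied: {name} was forwarded to {upstream}")
```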

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.