Multiple servers in Domain Overrides?
-
Hi, apologies if this has already been answered, I tried Google and the forum search but couldn't find it.
Here is our setup (question follows)
We have an internal legacy DNS/DHCP server (Win2000) which is flaky but we can't get rid of it just yet. To make our systems more resilient when it crashes, we've set up BIND on a CentOS 6 box as a slave DNS and have added a Domain Override on pfSense to point our internal domains to this CentOS box.
Not ideal but an acceptable workaround for the moment.
We have now patched CentOS to address the GHOST vulnerability and need to reboot it.
Question: Is there a way we can add a second IP in the Domain Overrides section? We're using pfSense 2.1.4-RELEASE
We can always point them to our legacy server for the duration of the reboot, but I'd like a more permanent solution.
Thanks !
Franck Horlaville
-
Its a reboot.. So what dns would be unavailable for what 5 minutes.. Most things should be cached at the client anyway, so you would be worried about fresh lookups or stuff that ttl expired.
Reboot it at 5pm and there shouldn't be any issues - if there is its what 5 minutes ;) If they call - say try in now ;)
-
dnsmasq (DNS Forwarder) does not have any way to specify multiple addresses in the "–server=" parameter.
http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
I remember having a look at this, because I would like it for some of my remote sites so they can point to multiple DNS servers for some internal domain names (some of which might be across site-to-site OpenVPN links).So there is no way to do it in 2.1.n
But unbound (DNS Resolver) in 2.2 does have the ability to specify multiple stub-addr in a stub-zone. So it seems it will be possible to have this with Unbound DNS Resolver on pfSense 2.2.?
Actually I would like to be able to specify this - so I will have a go at adding it to the GUI and if I get it working will submit a pull request.Redmine feature request: https://redmine.pfsense.org/issues/4350