multi domain for lan

T.Soprano

Good day, i searched and can't found solution on forum.

i have pfsense using public ip and real url like: firewall.mycompany.com
i setup dns resolver for some internal servers like: server1.mycompany.com and all lan can ping this dns.

what i need is some test servers to be reachable but with different domain that pfsense one and if i choose example:
server123.differentdomain.local and i insert into dns resolver
noone pc on lan can ping this.
but if i change the domain into: server123.mycompany.com everyone can ping, because it's using the same domain of pfsense itself.

Question is:
is possible to config in dns resolver multiple custom hostname and domains different by pfsense domain and make it reachable in lan?

JKnott

@T-Soprano

????

You do understand that with IP a domain is essentially just a name. This means you can have as many domains as you want on your network. All valid names are supposed to resolve to a valid address somewhere. You could have multiple DNS servers, which you can configure your devices to use, etc. You can even have one DNS look to another to get an IP address.

So, I'm having a little difficulty in understanding what it is you're trying to do.

johnpoz

@T-Soprano said in multi domain for lan:

is possible to config in dns resolver multiple custom hostname and domains different by pfsense domain and make it reachable in lan?

You can put in whatever host overrides you want in unbound.

If you want host.whatever.tld to resolve to 192.168.1.100
and something.domain.tld to resolve to 192.168.1.101

you can do whatever you want..

T.Soprano

I asked because simply it doesnt work.
i already configured in DNS resolver this:
preauth.{samedomain of firewall}.com to 192.168.2.2
and it works fine i can ping this dns from all lan pc.

BUT... if i change the dns to:
preauth.{testdomani}.local to 192.168.2.2
i can not ping anymore, this is why i come to the result only pfsense domain setup into Advances menù will work.

johnpoz

Show what you did... Here..

I set the host to have aaa to start with just so its top of my host override list

As you can see local.lan is my normal domain used, that is what pfsense is using. I then created another entry, both resolve just fine.

BTW - use of .local as tld is not a good choice... Its used by other systems, etc. I wouldn't use it, use something else for your tld or domain other than .local

T.Soprano

Sorry guys, i totally ignored your tips about Host Overrides.
It works fine now.
You were both right. Sorry again and Thanks

johnpoz

What were you doing? That you thought would work?

stephenw10

The only way I can see this behaviour happening is if you're trying to connect to those hosts using only the host name and not the fqdn. Like: ping preauth.

If that's true then yeah it will only resolve hosts in the same domain as the client in general.

Steve