Netgate Discussion Forum

    multi domain for lan

    General pfSense Questions
      T.Soprano

      Good day, I searched and couldn't find a solution on the forum.

      I have pfSense using a public IP and a real URL like: firewall.mycompany.com
      I set up the DNS resolver for some internal servers like: server1.mycompany.com and all of the LAN can ping this DNS.

      What I need is for some test servers to be reachable but with a different domain than the pfSense one, and if I choose, for example:
      server123.differentdomain.local and I insert it into the DNS resolver,
      no PC on the LAN can ping it.
      But if I change the domain to: server123.mycompany.com everyone can ping it, because it's using the same domain as pfSense itself.

      The question is:
      Is it possible to configure in the DNS resolver multiple custom hostnames and domains different from the pfSense domain and make them reachable on the LAN?

        JKnott @T.Soprano

        @T-Soprano

        ????

        You do understand that with IP a domain is essentially just a name. This means you can have as many domains as you want on your network. All valid names are supposed to resolve to a valid address somewhere. You could have multiple DNS servers, which you can configure your devices to use, etc. You can even have one DNS look to another to get an IP address.

        So, I'm having a little difficulty in understanding what it is you're trying to do.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

          johnpoz LAYER 8 Global Moderator

          @T-Soprano said in multi domain for lan:

          Is it possible to configure in the DNS resolver multiple custom hostnames and domains different from the pfSense domain and make them reachable on the LAN?

          You can put in whatever host overrides you want in unbound.

          If you want host.whatever.tld to resolve to 192.168.1.100
          and something.domain.tld to resolve to 192.168.1.101

          you can do whatever you want..

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 25.07 | Lab VMs 2.8, 25.07

            T.Soprano

            I asked because it simply doesn't work.
            I already configured this in the DNS resolver:
            preauth.{samedomain of firewall}.com to 192.168.2.2
            and it works fine, I can ping this DNS from all LAN PCs.

            BUT... if I change the DNS to:
            preauth.{testdomain}.local to 192.168.2.2
            I cannot ping anymore; this is why I came to the conclusion that only the pfSense domain set up in the Advanced menu will work.

              johnpoz LAYER 8 Global Moderator

              Show what you did... Here..

              I set the host to have aaa to start with just so it's at the top of my host override list

              As you can see local.lan is my normal domain used, that is what pfsense is using. I then created another entry, both resolve just fine.

              BTW - use of .local as a TLD is not a good choice... It's used by other systems, etc. I wouldn't use it, use something else for your TLD or domain other than .local

              [Screenshot: overrides.jpg]

                T.Soprano

                Sorry guys, I totally ignored your tips about Host Overrides.
                It works fine now.
                You were both right. Sorry again and Thanks

                  johnpoz LAYER 8 Global Moderator

                  What were you doing? That you thought would work?

                    stephenw10 Netgate Administrator

                    The only way I can see this behaviour happening is if you're trying to connect to those hosts using only the host name and not the FQDN. Like: ping preauth.

                    If that's true then yeah it will only resolve hosts in the same domain as the client in general.

                    Steve
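
The short-name behaviour described in the last reply, combined with the host overrides from the earlier replies, as an added example that is not part of the thread: a simplified model of glibc-style search-list expansion on a LAN client. The override tables, the `testdomain.lan` name and the client search domain `mycompany.com` are constructed assumptions.

```python
# Added illustration: why "ping preauth" only finds overrides in the client's
# own domain, while the FQDN works for any domain. All data below is constructed.

# Host override in the same domain as the firewall / client search domain.
SAME_DOMAIN = {"preauth.mycompany.com.": "192.168.2.2"}
# Host override in a different domain (constructed; .local avoided on purpose).
OTHER_DOMAIN = {"preauth.testdomain.lan.": "192.168.2.2"}


def candidates(name, search_domains, ndots=1):
    """Return the absolute names a stub resolver would query, in order."""
    if name.endswith("."):
        return [name]                      # already absolute: no search list
    absolute = name + "."
    expanded = [f"{name}.{d.rstrip('.')}." for d in search_domains]
    if name.count(".") >= ndots:
        return [absolute] + expanded       # dotted name: try as-is first
    return expanded + [absolute]           # short name: search list first


def resolve(name, overrides, search_domains):
    """Look each candidate up in the override table; None means NXDOMAIN."""
    for fqdn in candidates(name, search_domains):
        ip = overrides.get(fqdn.lower())
        if ip is not None:
            return fqdn, ip
    return None


if __name__ == "__main__":
    search = ["mycompany.com"]             # domain handed to LAN clients
    for table, label in ((SAME_DOMAIN, "same domain"), (OTHER_DOMAIN, "other domain")):
        for query in ("preauth", "preauth.testdomain.lan"):
            print(f"{label:12} {query:24} -> {resolve(query, table, search)}")
```
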

                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.