DNS Resolver: Changing the source Interface for Domain Overrides

Rico

Hey,
with the DNS resolver in non-forwarding mode, I've added a domain override pointing to a DNS server down the OpenVPN tunnel.
Resolving is fine, however a Packet Capture shows the query is sourcing by the OpenVPN tunnel network (pfSense OpenVPN client IP).
I want to source the query for this overide from the pfSense LAN IP.
Any Idea? :-)

-Rico

viragomann

Outbound NAT?
You will need to add an interface to the OpenVPN instance if you haven't already. Then adding a rule to it for source 127.0.0.0/8 and translating to the LAN address should do the job.

However, what's the benefit of that?

Rico

Hmmm...I'd like to avoid any dirty hacks if possible.
Thought this could be done with a configuration in the DNS resolver.

@viragomann said in DNS Resolver: Changing the source Interface for Domain Overrides:

However, what's the benefit of that?

MS Active Directory DNS... ;-)

-Rico

Rico

I think the problem is solved, changing Outgoing Network Interfaces from All to WAN and LAN did the trick.
Need some more testing now but looks good so far.

-Rico