Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    1. Home
    2. Tags
    3. bind
    Log in to post
    • All categories
    • R

      Unbound not using glue records

      Watching Ignoring Scheduled Pinned Locked Moved General pfSense Questions dns unbound bind
      4
      0 Votes
      4 Posts
      474 Views
      R

      I figured it out - I should not put my authoritative server under the domain override section because unbound put it in a forward zone and expects a dns resolver. Instead, I switched to a stub zone under custom configuration, which requires an authoritative dns server and unbound will perform recursive lookup itself.

    • B

      BIND named died

      Watching Ignoring Scheduled Pinned Locked Moved DHCP and DNS named named died dns server dns server died bind
      1
      0 Votes
      1 Posts
      414 Views
      No one has replied
    • MrPeteM

      Am I missing something? No docs at all on BIND package :(

      Watching Ignoring Scheduled Pinned Locked Moved pfSense Packages packages bind
      4
      0 Votes
      4 Posts
      2k Views
      johnpozJ

      @bingo600 That is pretty slick!

    • E

      Possible bug with BIND config generate in 2.4.5 (bind package: 9.14_3)

      Watching Ignoring Scheduled Pinned Locked Moved pfSense Packages 2.4.5 bind bug
      5
      0 Votes
      5 Posts
      1k Views
      E

      Linked issue:
      https://redmine.pfsense.org/issues/10445

    • E

      Zona domínio no bind9

      Watching Ignoring Scheduled Pinned Locked Moved Portuguese bind
      1
      0 Votes
      1 Posts
      348 Views
      No one has replied
    • M

      Bind - Setup pfSense as slave DNS server

      Watching Ignoring Scheduled Pinned Locked Moved pfSense Packages bind dns
      21
      0 Votes
      21 Posts
      6k Views
      johnpozJ

      @gertjan said in Bind - Setup pfSense as slave DNS server:

      your DNS zone has to be fully IPv6 and IPv4

      Don't agree with this.. While sure if you have IPv6 then yeah be nice to do that.. But it sure doesn't have to do anything IPv6..

      And while I agree you should do dnssec - again not a requirement.. You do not have to setup dnssec - and people using dnssec will still resolve you. Unless you try setup dnssec and you mess it up.. Then yeah if your dnssec fails you won't resolve.

      He is trying to show you that yes it gets complicated very quickly.. But when it comes down to setting up a slave. You tell your master what IP are you slaves, and you setup the zones on your slave and tell them the IP of the master.

      But he makes a good point about your PTR.. Can you even set that either of your NSers IPs? That really should be set.. Is where you running pfsense even a static IP?

      What are you going to do if someone attacks your dns? What are you going to do if someone tries to use your NSers for a amplification attack and you didn't secure for that? What your using for NS should not be recursive.. An authoritative NS should not do queries for other clients. They only should answer for the domains they are authoritative for..

    • newyork10023N

      DNS RPZ (full URL)

      Watching Ignoring Scheduled Pinned Locked Moved pfBlockerNG dnsrpz pfblockerng squidguard bind dns rpz
      2
      0 Votes
      2 Posts
      1k Views
      BBcan177B

      DNSBL will block domains, it cannot block based on a URL as it is a DNS based blocker.