@JonathanLee I block DNS over HTTPS to the firewall using unbound because I have unbound running DoT. My solution to the Nintendo griping about DNS was to route it out to 1.0.0.2. I was also having issues with unbound using the ephemeral ports I was using, interrupting my sensitive codel games so had change localhost's NAT outbound.

@volfied said in Nintendo won’t take static IP:

What I’m really trying to do is assign a DHCP reservation from outside the dynamic pool. It has always worked before.

That's how it normally works. pfSense will not allow you to assign an address from within the pool.