DNS Forwarding Not Working?



  • I am running pfSense 1.2-RELEASE. I have everything working perfectly, with the exception of DNS Forwarding.

    Under "DNS Forwarder," I have set the following:

    • Selected "Enable DNS Forwarder"
    • Selected "Register DHCP Leases in DNS Forwarder"
    • Selected "Register DHCP Static Mappings in DNS Forwarder"

    Now, all of my client machines are using pfSense as their DNS provider. That is working properly, but I have setup one override that is not working:

    Host: subdomain
    Domain: mydomain.com
    IP: 192.168.1.104

    With this setup, I would like for all of my client machines to be able to ping subdomain.mydomain.com and get an IP address of 192.168.1.104.

    Here's the weird thing… It's not working for any of my client machines, BUT, if I go into Diagnostics -> Ping and ping subdomain.mydomain.com from pfSense, I get 192.168.1.104. So... It's working from the box itself, but not being fed out to my clients.

    Do you follow? Can someone please help me? Thank you!

    • Tim


  • I have an update…

    I am sitting at one of my client machines, which is pulling an IP address from pfSense via DHCP. It is NOT using pfSense as its DNS server (192.168.1.1), instead, it is using an external DNS server.

    I have enabled DNS Forwarding... Why is my client machine not using pfSense as its DNS?



  • Maybe because it's configured not to use a DNS entry provided via DHCP?

    You could create a block any –> any destination-port 53 rule at the top of your LAN.
    Like this you make sure noone sets manually another DNS server.



  • No, it's pulling DNS from DHCP. No DNS has been manually set.



  • Did you configure a different DNS server than pfSense itself on the DHCP-config page?

    If it's not that i very very much doubt it has anything to do with pfSense. (maybe a rouge dhcp in your network?)



  • Yes, a primary and a secondary.

    Do you think it's possible that I just require a reboot? I found a thread on here where a couple people were having this same issue, and it randomly went away after a reboot:

    http://forum.pfsense.org/index.php/topic,5480.0.html



  • Well if you configured a DNS server on the DHCP-config-page, the client will receive this DNS server you configured there.

    Just leave the field empty and the clients will receive the IP of pfSense as their DNS-server



  • Thank you so much. You solved my problem. There are several different places where you can enter DNS information, and I was confused as to how they interacted with one another.

    Again, thanks.



  • There are only 2 places:

    Under the general settings where you set the DNS-server for pfSense itself.
    This is the server the DNS-forwarder will use to resolve external addresses.

    And on the DHCP-server config-page.
    This is the DNS-server the clients will recieve.


Locked