OpenDNS filtering - route DNS requests by IP range?

  • Hi all,

    I work at a school that uses OpenDNS's Umbrella filtering service.  This system allows you to fine-tune filters based on the originating IP address of the DNS query.  I am trying to set up separate filters for students and staff, while also maintaining local network DNS resolution as well.  I have multiple external IP addresses to work with.

    What I want to do is steer traffic from students out a different IP address than the staff, so that I can assign those addresses to different filter rules in Umbrella.  They both would be using OpenDNS's DNS servers.  I think I could do that without too much trouble.  However, I also want to maintain local DNS lookups and resolution, along with a few overrides, for my internal network.  I haven't figured out a way to do this with either the DNS Forwarder or the DNS Resolver.

    Any thoughts on how this might be accomplished with pfSense would be greatly appreciated.

  • What you describe can easily be done with a BIND DNS "view". pfSense has a BIND package, but I'm not sure if it's configurable to that level. It should be, but I've never tried it.

    I use BIND views with Ubuntu and it has been working perfectly for filtering name resolutions based on different subnets and IP addresses.
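
A sketch of the BIND "view" layout suggested above, as an added example that is not part of the original posts and has not been tested against the pfSense BIND package. Assumptions: the client subnets, the zone name `school.example`, the zone file path, and the external addresses `192.0.2.10` and `192.0.2.11` are placeholders, and both external addresses are configured on the host running named.

```conf
// Added example: named.conf fragment using views. All names and addresses
// except the OpenDNS resolvers are placeholders chosen for illustration.

acl students { 10.10.0.0/16; };   // assumed student subnet
acl staff    { 10.20.0.0/16; };   // assumed staff subnet

options {
    directory "/var/named";       // assumed working directory
    recursion yes;
    // Clients outside both ACLs are refused instead of being resolved unfiltered.
    allow-query { students; staff; localhost; };
};

// Views are evaluated top to bottom; the first match-clients hit wins.
view "students" {
    match-clients { students; };

    // Upstream queries leave from the external address that Umbrella
    // maps to the student policy.
    query-source address 192.0.2.10;
    forward only;
    forwarders { 208.67.222.222; 208.67.220.220; };   // OpenDNS resolvers

    // Local names are answered from this zone and never forwarded.
    zone "school.example" {
        type master;
        file "db.school.example";  // local records and overrides live here
    };
};

view "staff" {
    match-clients { staff; localhost; };

    // Different source address, so Umbrella applies the staff policy.
    query-source address 192.0.2.11;
    forward only;
    forwarders { 208.67.222.222; 208.67.220.220; };

    // Share the zone already loaded in the "students" view (BIND 9.10+).
    zone "school.example" { in-view "students"; };
};
```

Once any view is defined, every zone must sit inside a view, and `named-checkconf` will flag a zone left at the top level.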

  • Thanks.  Taking a look at the BIND package now.  I can see how views would accomplish what I'm trying to do.

    Is there any info out there about the BIND package in pfSense?  Going to dig around in the BIND documentation elsewhere, but anything directly related to pfSense would help.
