Second DNS how to?
It happened what i thought will happen if i but a block on the whole network.
My parents bitch why this and that site is not working.
So how can i make a second DNS for other peoples devices here in the house that does not use pfBlockerNG?
It's basic networking. Just change the LAN devices to use a different DNS server in its IP settings. Set it to something like 126.96.36.199. If the Lan devices are DHCP, then you could define different settings for the pool.
Not using pfSense as DNS means my DNS Resolver rules do not work anymore i guess?
You could try to use the DNS forwarder (DNSMasq) on port 53 for general users and then set the resolver to port 5353 for specific Lan clients. Then you have some configurability. Never done it myself but I'm sure it's doable.
Hm, i was told to disable the DNS forwarder for raw, un-tampered unmolested DNS from the root servers here:
You are mixing things up.
pfSense has two DNS services:
- DNS Forwarder (DNSmasq)
- DNS Resolver (Unbound)
Unbound can be configured in Forwarder or Resolver mode.
So my suggestion was to use DNSmasq for port 53 (general user) and then have unbound on port 5353. So you can then force the LAN users to the correct DNS service.
If you need more help with that. Check the DNS threads and/or post there for more detailed help.