What a mess with DNS and multi WAN
-
I cannot find a definitive answer about the best DNS configuration with a multi WAN setup.
The official documentation says to enable default gateway switching OR enable forwarding mode in unbound.
I don't want to use forwarding mode.
And the guis says about default GW swtiching: "This is not enabled by default, as it's unnecessary in most all scenarios, which instead use gateway groups."I do use gateway groups with policy routing and it's fine for the hosts, but dns is broken when default gateway goes down.
Many guides suggests to put different dns servers on general setup, at lest one per every WAN gateway.
But I read in the forum to leave empty the dns fields on general setup. So pfsense can use localhost to resolve.So which is the best solution to have dns working and fail over on both hosts and pfsense itself?
Does the following is the solution?- gateway group with all the WAN
- policy routing for hosts to the GW group
- default switching disabled in advanced settings
- empty dns servers on general setup
- "Disable DNS Forwarder" NOT set on general setup
- "DNS server override" NOT set on general setup
- unbound listening on LAN and localhost
- unbound not in forwarding mode
- unbound outgoing interfaces WAN1 and WAN2
-
I would think that unbound able to use outgoing your wans should all you should need.
