PfSense host and domain (FQDN) significance



  • Does the FQDN for a pfSense firewall have any real consequence, or is it just a name? Does it play any role in DNS?

    Current situation. My pfSense firewall will be the central routing device for a number of subnets, one of which is an AD domain. Half a dozen other subnets defined on the firewall are not joined to that subnet/domain.

    Can the firewall have the same FQDN domain name as that of the AD controller domain name without creating namespace conflicts or breaking with best practice?

    Example.
    firewall FQDN: 'FW-1.ACME.local'
    AD controller domain name: 'ACME.local'


  • Rebel Alliance Global Moderator

    Your use of .local as a TLD is not really a great idea with all the stuff that does .local (mDNS). Apple has pretty much claimed this for themselves. So if you have any Apple devices around?

    Using the same name could get confusing for domain overrides wanting to point to your AD for acme.local, etc. To be honest there is little reason for members of your AD to ask pfSense, just to go ask your AD, and then just to come back and ask pfSense, which then resolves and/or forwards for external stuff?

    If you are running AD, it's prob best to just let all your devices use your AD DNS, and then either let that resolve or forward, etc.

    In the long run what you use for the domain on pfSense really has nothing to do with anything, other than being the domain you would normally use if pfSense was going to be your DHCP server, and for your host overrides, etc.



  • Thanks johnpoz. Besides naming conflicts with other devices, does the domain name defined in pfSense have any consequence for DNS on subnetworks? I am still not sure why the firewall has a domain name definition.