Setup Pfsense for Internal DNS

  • Hi,

    I have an internal network (all Linux). I really don't want to build a Linux DNS box if Pfsense can handle it.

    So what I'm looking for is: can Pfsense do DNS, and how do I set it up? I want Pfsense to resolve all my internal addresses and also forward all internet requests out to
    I already have an internal DHCP server running and it works great. I just can't resolve my other boxes and must use IP addresses. I'd like to set all my boxes' DNS to the pfsense IP address for the DNS server. Right now all my boxes use an internet DNS server.

    I've been reading all over the internet on how to do this, but just can't find a straight answer; it seems everyone does it differently.


  • PfSense has both a DNS forwarder and a resolver.  Your choice.

    Giving a straight answer is hard because you have not asked a straight question.

    So you want to run a local nameserver for your local name, let's call it local.lan?  And then also answer your questions when you ask for

    Then yes, out of the box pfsense does this.  If pfsense is your local dhcp server, and you have it set to register dhcp clients, then yes: some box gets a dhcp lease from pfsense and its name is BOX, then you would be able to resolve - and if you asked pfsense for it would resolve it for the client.

    If you have a device that does not get dhcp from pfsense then you could set up a host override, so whatever.local.lan or anything else you set up, whatever.somedomain.tld etc., etc.

    How pfsense finds whatever.somedomain.tld would depend: did you mess with the default, or out of the box will it resolve vs forward..

    If you want to forward to some dns, then you would have to edit it to use the forwarder, or edit the resolver to forward vs resolve..

    So I am making all kinds of assumptions about what you're wanting to do or what you're asking, etc..  So when you ask a specific question I can give you a specific answer..  I could come up with all kinds of different scenarios on how you "might" want your network to resolve names.. But without specifics I am just assuming..

    Here is what I will tell you - turn on pfsense… Don't edit shit.. And it will get you on the internet and resolve, plus all your local dhcp clients.  Edit shit and you will almost 99% sure F it up ;)

    Other than that happy to answer a real question ;)

  • Ok.  Here it is, as simple as I can get it.

    I have a Pfsense box called pfsense.lan.  I have 8 other linux servers, a workstation and a laptop, example… media.lan.  From my laptop, if I try to ping media.lan it can't. nslookup finds nothing. I want my pfsense box to resolve DNS for my internal network and send all internet lookups out to Google DNS.

    I have DNS Resolver enabled, and DHCP Registration and Static DHCP checked. Pfsense issues DHCP.

    Not sure what I'm doing wrong.

  • I'm having the same problem and am losing my mind trying to figure it out!

  • LAYER 8 Global Moderator

    just .lan - single label?  Ugghh. How about something.lan

    So you can not find some fqdn media.lan with nslookup.. What response did you get.. If you were asking pfsense running unbound for something it could not resolve you would get nx… Is that what you got?

    Server:  sg4860.local.lan

    *** sg4860.local.lan can't find media.lan: Non-existent domain

    Or was your client asking something other than unbound running on pfsense?  What does nslookup return as the server.. even on linux it tells you that..


    ** server can't find media.lan: NXDOMAIN

    If you're seeing something like that - it says the linux box is pointing to a local cache like dnsmasq... So you need to figure out where the linux box is actually pointing to..  Likely you're getting it from dhcp and you will see something like

    user@ubuntu:~$ cat /etc/resolv.conf

    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)

    search local.lan
    options single-request-reopen

    In your /etc/resolv.conf -- you need to correctly configure your clients to use pfsense, and you need to make sure the entries you want to resolve are in there - be it via dhcp adding them, or static adding them, or even a host override.

    My guess is your linux boxes are being handed that you want to forward to via the dhcp you're running.  And so no, they will never be able to resolve your local stuff.
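    The reply above boils down to two checks: which server nslookup actually talked to, and where /etc/resolv.conf on the Linux client really points. The script below is an added example, not code from this thread or from pfSense; it reads saved nslookup output and a resolv.conf file and classifies each nameserver against the pfSense LAN address you pass in. The address 192.168.1.1 and the resolv.conf / nslookup text are constructed placeholders for this example, not captured from the poster's network.

```shell
#!/bin/sh
# Added example (not from the thread or from pfSense): a small diagnostic for
# "which resolver is my Linux client really using?" and "who returned NXDOMAIN?".
# Assumptions: the pfSense LAN address is passed in by the caller; 192.168.1.1
# below is a placeholder, and the sample files are constructed for this example.

# classify_resolver <resolv.conf> <pfsense-ip>
# Prints "<ip> <verdict>" for every nameserver line and "search <domain>" for
# the search/domain line. Verdicts:
#   pfsense                -> queries go straight to unbound on pfSense
#   systemd-resolved-stub  -> 127.0.0.53; the real upstream is in
#                             /run/systemd/resolve/resolv.conf or `resolvectl status`
#   local-cache            -> some other loopback listener (dnsmasq etc.)
#   other-rfc1918          -> another LAN box, not pfSense
#   public-dns             -> a public resolver that knows nothing about .lan names
classify_resolver() {
    awk -v pf="$2" '
        $1 == "nameserver" {
            ip = $2
            if (ip == pf)                                   v = "pfsense"
            else if (ip == "127.0.0.53")                    v = "systemd-resolved-stub"
            else if (ip ~ /^127\./ || ip == "::1")          v = "local-cache"
            else if (ip ~ /^10\./ || ip ~ /^192\.168\./ ||
                     ip ~ /^172\.(1[6-9]|2[0-9]|3[01])\./)  v = "other-rfc1918"
            else                                            v = "public-dns"
            print ip, v
        }
        $1 == "search" || $1 == "domain" { print $1, $2 }
    ' "$1"
}

# nslookup_server <saved nslookup output>: the "Server:" value, i.e. the box
# that actually answered (works for both output styles quoted in the thread).
nslookup_server() {
    awk '$1 == "Server:" { print $2; exit }' "$1"
}

# nslookup_is_nxdomain <saved nslookup output>: 0 if that server said NXDOMAIN.
nslookup_is_nxdomain() {
    grep -q -e 'NXDOMAIN' -e 'Non-existent domain' "$1"
}

# is_single_label <name>: 0 for a bare label such as "lan" or "media" (no dot),
# which unbound will not treat as a host in your local domain.
is_single_label() {
    case $1 in
        *.*) return 1 ;;
        *)   return 0 ;;
    esac
}

# --- constructed sample input (not captured from a real host) ---------------
tmp=$(mktemp -d)
cat > "$tmp/resolv.conf" <<'EOF'
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
nameserver 127.0.0.53
search local.lan
options single-request-reopen
EOF
cat > "$tmp/nslookup.txt" <<'EOF'
Server:		127.0.0.53
Address:	127.0.0.53#53

** server can't find media.lan: NXDOMAIN
EOF

echo "resolv.conf on this client:"
classify_resolver "$tmp/resolv.conf" 192.168.1.1
echo "nslookup was answered by: $(nslookup_server "$tmp/nslookup.txt")"
if nslookup_is_nxdomain "$tmp/nslookup.txt"; then
    echo "the NXDOMAIN came from that server, so fix where the client points first"
fi
if is_single_label lan; then
    echo "'lan' is a single label; use a two-label domain such as something.lan"
fi
```

    Run it on a real client by replacing the constructed files with `/etc/resolv.conf` and the saved output of `nslookup media.lan`, and pass your own pfSense LAN address. If the first verdict is anything other than `pfsense`, the client never asked unbound, and the NXDOMAIN tells you nothing about the pfSense host overrides or DHCP registration.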

