Two stupid? DNS ideas - can this work?

  • Please humour me, I'm trying to learn as quickly as I can, but I've been bouncing off the ME equivalent of the GFW…

    "Smart DNS" services don't seem to be working for me: I've got a NAT Forward rule that tells select clients to skip the Resolver, and go to Unotelly. Unfortunately it seems that these are recognised as Proxys, so my Apple TV won't play nicely for the family.

    1. I want to run my own "Public DNS server", can I use pfsense for this, or should I opt for a disposable Ubuntu/BIND VPS? I would use this to run my own Dynamic DNS registration and "Smart DNS" service for getting the correct version of Netflix etc. It's the same cost as a commercial Smart DNS, but I'm hoping it works.

    2. I have a working IPSec tunnel, can I use the pfsense box at the remote end to act as my 'local DNS' instead of the pfsense at the local end of the tunnel. I'm guessing there would need to be the appropriate Firewall rules, but if it's possible this might be a reasonable temporary solution.

    Many thanks

  • Hi,

    What is a smart DNS ?

  • 'Smart DNS' is the commercial service (typically $5/month) that people (who don't have pfsense) use to get the appropriate geo-located service for Netflix, Amazon, Hulu etc by using alternate DNS instead of a VPN.

    It will work where VPN may be blocked, but the downside is that the content providers have either blacklisted these addresses or recognise (by some other means) that a proxy is in use.

    If I were to run my own DNS server, for this purpose, it would be low-volume, low-profile and hopefully not on any blacklist? As for other means of detection, that's way beyond me.

    The other advantage to this idea, is that using a VPS, the public IP could be readily changed by destroying/recreating the server at another point-of-presence.

    I realise that this may not be a good idea, but I'm trying to work to if this is possible (with my level of 'expertise'), as it's cheaper than moving house!

  • I was so tempted to write a 'smart' reply…

    ...involving the use of a smart search engine, but...

    …but instead you decided to say it passive-aggressively?

    If I missed the sarcasm in your post, my bad, you got me!

    ???  Gertjan is a good guy who helps out a lot around here.  He just asked a question.  Stop acting like a tool.

  • That would be good advice for specific guidance on a pfSense issue.  I've been in networking for many years and I've never heard of smart DNS either, and we get a lot of newbies here who sometimes use bizarre terms or mix-up their jargon.

Log in to reply