DNS Resolver Domain Overrides nor working in one subnet
-
I am running pfsense with 3 subnets (defined by their respective interfaces).
One subnet that provides its own DHCP service (Windows Domain) and two other subnets pfsense provides DHCP services to.
Most DNS resolution is provided by pfsense (external sites) supported by a couple of internal DNS Servers that resolve internal network names (Windows Domain machines). These domains are configured in pfsense DNS as domain overrides.
In two of the three subnets (i.e. the Windows Domain and a pfsense DHCP subnet) DNS queries to pfsense for these 3 domain overrides work fine .
However, the third subnet (also pfsense provided DHCP) returns "non-existent" domain for when querying the DomainOverrides associated with the Windows domain (the other Domains will be known to pfsense directly since it since providing DHCP). As far as I can tell DHCP is configured similarly for the two pfsense provided subnets (other than IP ranges etc) and so I have no idea whey DNS works for the Domain overrides from one and not the other? Queries to external sites work fine in all 3 subnets.
Does anyone have any idea what might be happening?
Also where does the pfsense get its Server name from in the DNS response. In the windows domain it is correct, in one subnet it puts the dmain name in twice (e.h. pfsense.domain.com.domain.com) and in the other one I get "uknknown".
Thanks, any advice will be appreciated.
Ian
-
Had a strange issue with DNS not resolving as it should in a peer-to-peer OpenVPN solution. I ended up adding the subnet under the Allow list in DNS Resolver. This made the DNS Resolver suddenly start answering questions.
Just my 2c, not very scientifically as I can't figure out why this made it work. DNS Resolver was already set to answer on all interfaces.
Edit: The OpenVPN server, which didn't answer before, in my case is on a High availability config.
Brgs,
-
Your going to have to actually provide some coherent info.. If you want any help. And actual details of your setup.
