
    DNS Forwards or Zones? Or how do I set up a backup + forward.

      nafeasonto

      So this is what I want to do:

      I have two domain controllers. Both running DNS for Dynamic Updates, they also run DHCP, so I turned off DHCP on the firewall.

      How would I set it up where

      1. DC1 gets a DHCP request, registers DNS dynamically, but also uses the Firewall as a DNS backup, so if the Domain Controllers go down, pfSense still has those names.

      2. How if a DNS request is coming in to the domain controller, it also forwards a DNS registration TO the firewall? Similar to a dynamic update on Windows DNS. (Since DHCP is NOT running on the firewall).

        jimp Rebel Alliance Developer Netgate

        For that you would need a full DNS server on the firewall like BIND, not Unbound/dnsmasq. The DNS server would need to get updated from AD like a zone transfer, for example, not individually relayed registrations. Like any other secondary/tertiary DNS setup.

          johnpoz LAYER 8 Global Moderator

          So in this scenario both your DCs are down? Because AD can for sure share their dns info.

          If both your DCs are down - you have bigger problems than a copy of your DNS records running on pfSense ;)

          But sure running bind on pfsense would allow for zone xfers from your AD dns..
