Redirect DNS requests from LAN clients to point to local FQDN, and other DNS requests -> external CloudFlare DNS over TLS
-
Hi, pfSense gurus!
Please clarify how redirect DNS(53) requests from LAN hosts (for example 192.168.88.0/24) to local host (server in separate LAN interface, for example 192.168.99.0/24) for certain FQDN name (for example publicweb.com) and all other DNS requests -> external CloudFlare DNS over TLS.
I already doing according Redirecting all DNS Requests to pfSense and Blocking DNS Queries to External Resolvers, but something working not as described.
Of course Host Overrides (with www aliases) and Enable DNSSEC Support, Enable Forwarding Mode, Register DHCP leases in the DNS Resolver are already done in Services / DNS Resolver / General Settings
server: ssl-upstream: yes do-tcp: yes forward-zone: name: "." forward-ssl-upstream: yes # Below addresses are CloudFlare resolvers forward-addr: 1.1.1.1@853 forward-addr: 1.0.0.1@853 forward-addr: 2606:4700:4700::1111@853 forward-addr: 2606:4700:4700::1001@853 # Below addresses are Quad9 resolvers forward-addr: 9.9.9.9@853 forward-addr: 149.112.112.112@853 forward-addr: 2620:fe::fe@853How exactly to ensure that redirect DNS requests from LAN clients to point to local FQDN, and other DNS requests -> external CloudFlare DNS queries are being sent over TLS by performing a packet capture on the LAN/WAN interface?
Thanks for all advises. Have a nice day!
