Redirect DNS requests from LAN clients to point to local FQDN, and other DNS requests -> external CloudFlare DNS over TLS
Sergei_Shablovsky last edited by Sergei_Shablovsky
Hi, pfSense gurus!
Please clarify how to redirect DNS (53) requests from LAN hosts (for example 192.168.88.0/24) to a local host (a server on a separate LAN interface, for example 192.168.99.0/24) for a certain FQDN (for example publicweb.com), and all other DNS requests -> external CloudFlare DNS over TLS.
Of course, Host Overrides (with www aliases), Enable DNSSEC Support, Enable Forwarding Mode, and Register DHCP leases in the DNS Resolver are already done in Services / DNS Resolver / General Settings.
    server:
      ssl-upstream: yes
      do-tcp: yes
    forward-zone:
      name: "."
      forward-ssl-upstream: yes
      # Below addresses are CloudFlare resolvers
      forward-addr: 220.127.116.11@853
      forward-addr: 18.104.22.168@853
      forward-addr: 2606:4700:4700::1111@853
      forward-addr: 2606:4700:4700::1001@853
      # Below addresses are Quad9 resolvers
      forward-addr: 22.214.171.124@853
      forward-addr: 126.96.36.199@853
      forward-addr: 2620:fe::fe@853
How exactly can I ensure, by performing a packet capture on the LAN/WAN interface, that DNS requests from LAN clients are redirected to point to the local FQDN, and that other DNS requests -> external CloudFlare DNS queries are being sent over TLS?
Thanks for all the advice. Have a nice day!
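One way to check such a capture, as an added example that is not part of the original post: it reads `tcpdump -nn` text output, counts port 853 traffic on WAN, lists any plaintext port 53 queries leaving WAN, and matches LAN queries for the overridden name to the addresses the resolver returned. The function names, the sample lines and the 198.51.100.x / 203.0.113.x addresses are constructed for illustration.

```python
import ipaddress
import re

# tcpdump -nn text line: "<time> IP|IP6 <src>.<port> > <dst>.<port>: <summary>"
LINE = re.compile(r"^\S+ IP6? (\S+)\.(\d+) > (\S+)\.(\d+): (.*)$")
QUERY = re.compile(r"^(\d+)\S* (?:\[\S+\] )?A\? (\S+?)\.? ")
REPLY = re.compile(r"^(\d+)\S* \d+/\d+/\d+ A (\S+)")

# Constructed sample captures (not taken from a real network).
LAN_SAMPLE = [
    "12:00:01.100000 IP 192.168.88.10.51514 > 192.168.88.1.53: 4242+ A? publicweb.com. (31)",
    "12:00:01.100400 IP 192.168.88.1.53 > 192.168.88.10.51514: 4242* 1/0/0 A 192.168.99.10 (47)",
]
WAN_SAMPLE = [
    "12:00:02.000000 IP 198.51.100.7.40112 > 203.0.113.1.853: Flags [P.], seq 1:120, ack 1, win 512, length 119",
    "12:00:02.020000 IP 203.0.113.1.853 > 198.51.100.7.40112: Flags [P.], seq 1:200, ack 120, win 512, length 199",
    "12:00:03.000000 IP 198.51.100.7.5353 > 203.0.113.53.53: 777+ A? example.org. (29)",
]

def parse(lines):
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            src, sport, dst, dport, rest = m.groups()
            yield src, int(sport), dst, int(dport), rest

def audit_wan(lines):
    """Return (packets on port 853, destinations that got plaintext DNS)."""
    dot, leaks = 0, []
    for src, sport, dst, dport, _ in parse(lines):
        if 853 in (sport, dport):   # port match only; it does not prove a TLS handshake
            dot += 1
        elif dport == 53:           # cleartext query leaving WAN = forwarding not enforced
            leaks.append(dst)
    return dot, leaks

def override_answers(lines, fqdn, server_net):
    """Pair LAN queries for fqdn with replies by (client, port, id); flag answers inside server_net."""
    net, pending, result = ipaddress.ip_network(server_net), set(), []
    for src, sport, dst, dport, rest in parse(lines):
        q, r = QUERY.match(rest), REPLY.match(rest)
        if dport == 53 and q and q.group(2).lower() == fqdn:
            pending.add((src, sport, q.group(1)))
        elif sport == 53 and r and (dst, dport, r.group(1)) in pending:
            pending.discard((dst, dport, r.group(1)))
            result.append((r.group(2), ipaddress.ip_address(r.group(2)) in net))
    return result
```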