DNS Resolver unable to resolve Windows DC



  • I am running pfSense on VMware to separate my Kubernetes cluster from my network. As DNS server I have configured a Windows DC. Any request to local clients (separated k8s network) works fine, and any request to the outside world (like google.de) also works fine. But any request to the DC (dc2.xxx.local) results in a

    ** server can't find dc2.xxx.local: SERVFAIL.

    What's my problem?




  • What is handling DHCP, or are the clients static? If DHCP, it should be running on the DC, not pfSense, and option 006, DNS Servers, should have your DC as the DNS server. Also configure the router role for the default gateway setting as the pfSense box (003 Router), and you should also configure 015 DNS Domain Name for your domain name. This info will then be handed out as part of the DHCP to clients. The clients should NOT be pointing to the internet or pfSense for DNS. Point the clients' DNS to your DC directly and have the DC resolve the internal IPs that way. If your clients are static and there is no DHCP, set them with your DC as the DNS, and pfSense as the gateway. As far as the pfSense DNS goes, set your internet DNS servers there, not your internal DNS. Set your DC's DNS to forward to pfSense. End result: clients go to your DC to resolve DNS. Your DC resolves internal IPs. Anything it can't handle, it forwards to pfSense. pfSense uses the internet DNS servers you configured in General Setup to resolve those external IPs, and hands them back to your DC, which then sends them to its clients.


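The layout described in the reply above, as an added PowerShell example that is not part of either post: it sets DHCP options 003, 006 and 015 on the DC, adds pfSense as the DC's DNS forwarder, and then checks that the DC answers both an internal and an external name. The scope and IP addresses are constructed placeholders; it assumes the DC runs the Windows DHCP Server and DNS Server roles.

```powershell
# Run in an elevated session on the DC. All addresses below are constructed
# placeholders; replace them with the values of your own network.
$ScopeId   = '10.10.0.0'    # DHCP scope that serves the clients (assumed)
$DcIp      = '10.10.0.10'   # the DC, which is also the internal DNS server (assumed)
$PfSenseIp = '10.10.0.1'    # pfSense address on that network (assumed)
$Domain    = 'xxx.local'    # domain name as redacted in the thread

# 006 DNS Servers -> DC, 003 Router -> pfSense, 015 DNS Domain Name -> domain
Set-DhcpServerv4OptionValue -ScopeId $ScopeId `
    -DnsServer $DcIp -Router $PfSenseIp -DnsDomain $Domain

# The DC forwards everything it is not authoritative for to pfSense.
# Add-DnsServerForwarder fails if the entry already exists, so check first.
$current = (Get-DnsServerForwarder).IPAddress.IPAddressToString
if ($current -notcontains $PfSenseIp) {
    Add-DnsServerForwarder -IPAddress $PfSenseIp
}

# Show what the scope now hands out to clients.
Get-DhcpServerv4OptionValue -ScopeId $ScopeId |
    Where-Object { $_.OptionId -in 3, 6, 15 } |
    Format-Table OptionId, Name, Value -AutoSize

# Query the DC directly: the internal name must come from its own zone,
# the external name must come back through the forwarder (pfSense).
foreach ($name in "dc2.$Domain", 'google.de') {
    try {
        $records = Resolve-DnsName -Name $name -Server $DcIp -Type A `
            -DnsOnly -ErrorAction Stop
        $ips = ($records | Where-Object { $_.IPAddress }).IPAddress -join ', '
        Write-Host "OK    $name -> $ips"
    }
    catch {
        # A SERVFAIL or timeout here shows which half of the chain is broken.
        Write-Warning "FAIL  $name via ${DcIp}: $($_.Exception.Message)"
    }
}
```

Clients only pick up the new options after their DHCP lease is renewed.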