Domain Overrides for .local not working with DNS Resolver



  • I configured the DNS Resolver as default DNS on my network. I have several different VLAN's. One of them is for work with access to the company network over IPSec.
    At work we have three AD domains with DNS Server. One with .ch, one with .int and one .local
    I configured Domain Overrides for all three. They point to the DNS Server of their domain.
    Problem is that .ch and .int are working but .local is not working.

    It works for the first 15 minutes after I change something in the DNS Resolver.
    In the status page of the DNS Resolver I saw two entries for the .local domain. One with TTL 900 and one with TTL 0.
    After 15 minutes both are gone and the DNS lookups to the .local domain gives me a "non-existent domain" error.
    I also tested it with the DNS Lookup on the pfSense. No results.

    In the logs of the DNS Resolver I saw something with domain.local.localdomain. instead of what I expect domain.local.

    I read something that .local is a very special domain (and the default in AD) but I don't unterstand why the pfSense has problems with that.
    If I do a nslookup with the addition of the DNS Server of the .local domain it gives me the correct results. That tells me that I can reach the DNS Server for the .local domain.
    Is it possible to get the DNS Resolver with Domain Overrides working with .local or is this some kind of MS didn't respect the RFC's Issue?


Log in to reply