DNS Redirect not going to correct destination. Bug in 2.4.5?



  • Hi Guys,

    I have a setup which worked perfectly until recently and I believe broke after upgrading to 2.4.5.

    • I have an alias which contains devices my kids use and I capture all outbound port 53 traffic via a NAT rule and redirect it to OPENDNS over a VPN Gateway that uses a static IP. This also takes care of any smart kids who may try to change their local DNS servers as pfsense will simply reroute no matter what. This worked perfectly fine for a long time.

    • My system DNS Servers are set to non-OPENDNS servers and leave my network on a different VPN gateway and work just fine where needed.

    • What is happening now is that port 53 traffic is going out the correct gateway but NOT to the specified destination (OPENDNS) per the NAT rule.

    [attached screenshot of the NAT rule: 8758d1e1-5f3e-4b8c-8e7a-0900d8e698e0-image.png]

    This has worked fine for a long time and suddenly this NAT line seems to be ignoring the destination but is correctly capturing port 53 and sending it out the gateway I want. I should add that I have several devices and don't want to assign the DNS through the DHCP entry. I do that elsewhere for other devices but I find it valuable to be able to simply add or remove devices from the specified alias when I want to alter their DNS behaviour.

    I believe this may be a bug in 2.4.5 unless something else changed. Before I roll back to 2.4.4 to test my theory, I wanted to ask you fine folks for any input.

    Much appreciated.



  • Any feedback folks?



  • A detailed dig or nslookup executed on one of these 'kid' devices?

    You are aware of the fact that DNS traffic isn't only UDP traffic?

    You saw the first pinned post here?

    Can you show the related firewall rule - check if it hits any traffic?
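    The check the reply above is asking for, written out as a small script. This is an added example, not something posted in the thread and not part of pfSense. It uses the public OpenDNS diagnostic name debug.opendns.com, whose TXT answer names the OpenDNS server that replied and the source address it saw the query from, so a single lookup from a 'kid' device tells you both whether the NAT rule delivered the query to OpenDNS and whether it left through the VPN gateway's static IP. It runs the lookup over UDP and again over TCP (`dig +tcp`), since a port-forward that only matches one protocol is a common reason the two behave differently. EXPECTED_EGRESS_IP is a placeholder you replace with your gateway's static address, and the sample answer used below is constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread, not pfSense code): verify from a client
# that DNS queries really reach OpenDNS and exit via the expected gateway IP.
# EXPECTED_EGRESS_IP is an assumption/placeholder: the VPN gateway's static IP.
EXPECTED_EGRESS_IP="${EXPECTED_EGRESS_IP:-203.0.113.10}"

# Read 'dig +short txt debug.opendns.com' output on stdin and print the
# OpenDNS server label (e.g. r3.lon). Returns 1 if no OpenDNS server line
# is present, i.e. some other resolver answered (or nothing did).
opendns_server() {
  sed -n 's/^"server \([^"]*\)"$/\1/p' | grep .
}

# Same input; print the "ip:port" OpenDNS saw the query arrive from.
opendns_source() {
  sed -n 's/^"source \([^"]*\)"$/\1/p' | grep .
}

# $1 = "ip:port" as seen by OpenDNS, $2 = expected egress IP (IPv4).
egress_matches() {
  [ "${1%:*}" = "$2" ]
}

# Live check for one transport ($1 = udp | tcp); needs dig and network access.
live_check() {
  opt=""
  [ "$1" = "tcp" ] && opt="+tcp"
  out=$(dig +short $opt txt debug.opendns.com) || { echo "$1: dig failed"; return 1; }
  srv=$(printf '%s\n' "$out" | opendns_server) \
    || { echo "$1: NOT answered by OpenDNS (redirect not applied?)"; return 1; }
  src=$(printf '%s\n' "$out" | opendns_source) \
    || { echo "$1: OpenDNS answered but gave no source record"; return 1; }
  if egress_matches "$src" "$EXPECTED_EGRESS_IP"; then
    echo "$1: OpenDNS $srv answered, egress $src matches expected gateway"
  else
    echo "$1: OpenDNS $srv answered, but egress $src != $EXPECTED_EGRESS_IP"
    return 1
  fi
}

# Only perform the live lookups when explicitly asked (RUN_LIVE=1), so the
# parsing helpers above can be exercised without network access.
if [ "${RUN_LIVE:-0}" = "1" ]; then
  status=0
  live_check udp || status=1
  live_check tcp || status=1
  exit $status
fi
```

    Run it on one of the alias'd devices with `RUN_LIVE=1 EXPECTED_EGRESS_IP=<gateway IP> sh check_dns.sh`. If the UDP line reports "NOT answered by OpenDNS" the NAT destination is not being applied at all; if UDP passes but TCP does not, the port-forward matches UDP only; if OpenDNS answers but the egress address is wrong, the rule's gateway is the part that changed.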

