[SOLVED] DNS Zone Transfer
-
@manjotsc said in DNS Zone Tranfer:
@bmeeks Does it looks good?
Thanks,
Yes! That should work for you, but you still need to delete that manjot.net zone in the Forward Lookup Zones in the left-hand pane. You don't want to forward lookups for that zone because your AD DNS server is authoratative for that zone (or it should be).
DNS can be a little confusing to the uninitiated, and sometimes when we first get into it, we tend to overestimate what we think we understand ...
. Go to Google and do a little research on these DNS terms: resolver, forwarder, and authoratative server. Again, I mean no disrespect as all of us were new to this at some point in our IT career, but your questions and replies indicate that perhaps you do not yet fully understand the critical distinction between those terms I suggested you Google. -
@bmeeks It has been deleted,
-
@manjotsc: that last post looks good on the Windows side. Now over on the pfSense side you need to be sure you have a properly configured domain override in place for manjot.net and the ARPA reverse pointer zones defined in Windows.
For example, here is the Domain Overrides section from my pfSense box for my Windows AD domain:
This tells
unboundthat for all hosts in "themeeks.net", or that have an IP address in the 192.168.10.0 network, it should ask the DNS server at 192.168.10.4 for the hostname or IP (that's my Windows AD DNS). The only timeunboundon pfSense will do this is when I ask it to resolve some IP in the logs that's in my local network, or if I, for instance, view the ARP Table under the DIAGNOSTICS menu. -
@bmeeks Thanks, I have configured it in pfsense.
-
@manjotsc said in DNS Zone Tranfer:
@bmeeks Thanks, I have configured it in pfsense.
That should fix it for you. Now, in the future, if you need to manually create any DNS records for a host, do so over in the Windows DNS server. With the configuration you have in place, your pfSense box will still see them.
