DNS Redirect on PPPoE Clients failing
Hello, I am after some help.
I have a pfSense server running successfully with approx 150 end user devices connecting via a dedicated interface on the pfSense configured for PPPoE. The PPPoE client IP addresses are issued to the end user devices from a RADIUS server, all of which works fine and traffic is good. DNS servers are pushed to the end user devices via the RADIUS server, which again is all good.
However, I want to redirect all the PPPoE client DNS traffic to the pfSense server so that DNS requests are handled via the pfSense to help prevent end users circumventing our DNS servers.
I have followed the guide for this, set up DNS resolvers on the pfSense and applied this to the LAN interface (a separate interface), and as expected this works a treat for the LAN users, but I repeat this for the PPPoE interface and it doesn't seem to work for the PPPoE clients; it just ignores the NAT redirect rule and the traffic is sent to the DNS server that has been manually configured.
If it helps, when I set up a pass rule for DNS traffic under the PPPoE interface and log the results, I get hits in the log OK and I can see the DNS requests from the client IP going out to Google, but interestingly the interface shows that of what must be the virtual interface allocated by the PPPoE server, e.g. interface ng126.
Anyone have any ideas please?
Thanks in advance
Redmine issue created: https://redmine.pfsense.org/issues/12452
@viktor_g Thanks for your investigations. Are there any further updates on this or indication if this is likely to be solved in the next release?
@viktor_g I can see the bug is marked as Resolved but I'm still getting the same issue my end in our lab running the latest development software. Am I missing something?
Although @viktor_g created a bug for this issue and the bug tracker indicates that the status is resolved, the issue still exists as described above no matter what setting I try. On LAN interfaces it works OK, but with the same config on my PPPoE interfaces traffic is not redirected. From the bug tracker it mentions it fails on OpenVPN interfaces also, though I have not tested this.
Would be great to be able to get this feature working, so if anyone else has any advice it would be appreciated.
@patch running version 2.6.0.a.20211125.0600