Special config needed for multiWAN
-
I have two ISPs:
WAN1 is PPPoE, nothing limited on DNS.
WAN2 is an LTE router, and it's firewalled on the ISP side: I cannot use any unencrypted root DNS servers except the ISP's servers or some DoH servers.
I want to use Resolver when WAN1 is up and running.
When WAN1 is down for any reason, I want to forward all DNS requests to the LTE router.
So far I have not found any solution that could be accepted.
When I choose "Use local DNS servers, fall back to remote", it tries to use all cached servers and does not fall back to remote, even if the selected outgoing interface WAN1 is down and no other interface is selected.
Any thoughts? Is there any command to change the option "Enable Forwarding Mode" for the Resolver from the shell, so I can use a script?
-
A temporary solution is to use DNS over TLS:
https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
Edited: The problem with the hostname is solved, it was just a typo.
-
For my multi-WAN setup I set up the DNS Resolver in forwarding mode and use SSL/TLS for all forwarded requests. In the General tab, I use the Cloudflare and Google DNS servers with the appropriate DNS server hostnames. The only issue is that some port 853 traffic is always present on the LTE interface. If WAN goes down, LTE is still functioning.
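The following is an added example, not posted by anyone in this thread and not pfSense's generated configuration: a hand-written Unbound forwarding configuration equivalent to the "forwarding mode + SSL/TLS to the forwarders" setup described in the last two posts. It shows why the hostname mentioned in both posts matters: in Unbound's `address@port#name` syntax the name after `#` is the TLS authentication name that the upstream certificate is verified against, so a typo there makes queries to that server fail with a TLS error instead of silently downgrading to plaintext. The certificate-bundle path is an assumption; the resolver addresses and hostnames are the public Cloudflare and Google DoT endpoints.

```conf
# Added example (not from the thread or from pfSense): Unbound in
# forwarding mode with TLS to every upstream, no plaintext fallback.
server:
    # CA bundle used to verify the forwarders' certificates.
    # Path is an assumption; point it at your system's trust store.
    tls-cert-bundle: "/etc/ssl/cert.pem"

forward-zone:
    name: "."
    # Every forwarder in this zone must be reached over TLS (port 853).
    forward-tls-upstream: yes
    # If all forwarders fail, do NOT fall back to iterating from the
    # root servers; on the LTE path that plaintext iteration is blocked
    # anyway, so a fallback would only produce confusing timeouts.
    forward-first: no
    # Format: address@port#authname. The authname is compared against
    # the certificate presented by the server; a typo such as
    # "cloudfare-dns.com" makes every query to that server fail
    # rather than accept an unauthenticated connection.
    forward-addr: 1.1.1.1@853#cloudflare-dns.com
    forward-addr: 1.0.0.1@853#cloudflare-dns.com
    forward-addr: 8.8.8.8@853#dns.google
    forward-addr: 8.8.4.4@853#dns.google
```

Run `unbound-checkconf` against the file before reloading to catch syntax errors, then confirm with a packet capture that the only outbound DNS is TCP/853 to the listed addresses and that nothing leaves on UDP/53. Unbound chooses which forwarder to contact and sends through whatever route the system provides, so on a multi-WAN box the 853 traffic can appear on either WAN depending on routing and gateway switching; the `outgoing-interface:` option in the `server:` section can pin the source address to one WAN, but pinning it to WAN1 would also stop the forwarders being reachable when WAN1 is down, which is the failover the original question is trying to keep.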