DNS redirect issue: Reply from unexpected source

S_m · May 28, 2022, 8:10 AM

I'm having issues with a pfSense installation (2.6.0) that had redirected the DNS configured as the docs: https://docs.netgate.com/pfsense/en/latest/recipes/dns-redirect.html

PORT FORWARD and RULE, are working but the reply came from the pfSense LAN address instead of the DNS server.

udp  192.168.100.191:54637 -> 127.0.0.1:53 (8.8.8.8:53)

Result from a client:

nslookup google.com
;; reply from unexpected source: 192.168.100.1#53, expected 8.8.8.8#53

I don't recall when this started to happen exactly. Doing the same configuration on another box works fine.

Same config for NAT on both boxes.

S_m · May 28, 2022, 10:45 AM

Shell output for: pfctl -ss

all udp 127.0.0.1:53 (1.1.1.1:53) <- 192.168.100.175:36992       NO_TRAFFIC:SINGLE
all udp 192.168.100.1:53 -> 192.168.100.175:36992       SINGLE:NO_TRAFFIC
all udp 192.168.100.1:53 <- 192.168.100.175:55172       SINGLE:MULTIPLE

S_m · May 28, 2022, 7:23 PM

FIXED:
I don't know why and how to check more deeply this issue:

Following the documentation, to standarize every config.
With Redirect target IP 127.0.0.1 as shown on the picture below.
All the DNS answers came from the LAN address (each vlan)

Fixed with: Redirect target IP LAN_XX address