Different DNS server for each VLAN

endpoint-credible · Dec 31, 2022, 12:16 PM

Hello,

I have the following configuration of a pfSense box:
VLAN1
Gateway: VPN (OpenVPN)

VLAN2
Gateway: WAN

I would need to achieve the following outcome:

all DNS queries comming through VLAN1 to use DNS server 1 (VPN server)
all DNS queries comming through VLAN2 to use DNS server 2 (Cloudflare server).

Any ideas on how this can be achieved?

>> Some other settings on this pfSense box:

DNS Forwarder: not enabled

System > General Setup
DNS Servers: Cloudflare, with WAN Gateway
DNS Server Override: OFF
DNS Resolution Behavior: Use local DNS, ignore remote DNS servers

DNS Resolver: enabled
Network interfaces: All
Outgoing Network Interfaces:

Custom options:

server:
forward-zone:
name: "."

# Cloudflare
forward-ssl-upstream: yes
forward-addr: 1.1.1.1@853
forward-addr: 1.0.0.1@853

server:include: /var/unbound/pfb_dnsbl.*conf

Services > DHCP Server
Any DNS entries made here (for VLANs) seem to be ignored, even if the VLANs are not selected in the DNS Resolver under Network interfaces.

VPN > OpenVPN > Clients > Edit
Tunnel Settings

Pull DNS: Not ticked

pfBlockerNG active

Thanks for reading this.

viragomann · Dec 31, 2022, 12:33 PM

@endpoint-credible
Simply forward DNS request with a NAT port forwarding rule on the respective interfaces.

endpoint-credible · Dec 31, 2022, 3:54 PM

@viragomann
What a straight-forward solution! Thanks!
It works as expected now.