DNS Forwarder Domain Override buggy?
-
Hi,
It seems to me that the domain override feature is not working. If I configure an override for a domain, e.g. xyz.local, to DNS server 192.168.1.1 (in another network connected via IPsec VPN), nothing happens.
Overriding a single host is no problem - that's working!
Any idea?
PS: I have RC3b
-
You need a fake route to send the traffic to the remote DNS server into the tunnel. Add a static route at System > Static Routes to <IP of remote DNS server>/32 through gateway <local LAN IP of your pfSense>.
-
Great - that's the solution - it works fine now!
Here is another question; I don't understand why it's not working: in my local LAN pfSense acts as a DHCP server. In the DNS Forwarder I configured that leases should be registered in the forwarder. In that case the forwarder should resolve the local hostnames to IP addresses … and this is exactly what it is not doing?!
Some information on what ipconfig is reporting about my network:
Hostname: zaphod
Primary DNS Suffix:
Connection Specific DNS Suffix: daheim.local

pfSense is listing my hostname at Status/DHCP leases as "Zaphod"
And here is what nslookup tells me:
-------------------------- SNIP ------------------------
C:>nslookup
Standardserver: wall.daheim.local
Address: 192.168.100.254

wall.daheim.local (This is a test ... it's pfSense itself)
Server: wall.daheim.local
Address: 192.168.100.254

Name: wall.daheim.local
Address: 192.168.100.254

zaphod.daheim.local (Not working with zaphod)
Server: wall.daheim.local
Address: 192.168.100.254

*** zaphod.daheim.local wurde von wall.daheim.local nicht gefunden: Non-existent domain

Zaphod.daheim.local (Not working with Zaphod)
Server: wall.daheim.local
Address: 192.168.100.254

*** Zaphod.daheim.local wurde von wall.daheim.local nicht gefunden: Non-existent domain
-------------------------- SNIP ------------------------

Is there something wrong with my configuration or is there a reason why that's not working?
Thanks in advance ...
-
Check your clients' system settings to see if your clients are in the correct domain. Does it work if you only try to resolve "zaphod" instead of "zaphod.daheim.local"?
-
"ping zaphod" without "daheim.local" is working! If I "ping localhost" the reply is "zaphod" not "zaphod.daheim.local".
But does it really matter? I think, if I (like I did) query a DNS server via NSLOOKUP and the resolver answers with "…Non-existent domain", it should not be a problem of the client machine?!
Is there a way to look into the table where the DNS server holds its entries? I found nothing in the status or diagnostic page or status.php.