Netgate Discussion Forum

    DNS Forwarder Domain Override buggy?

    DHCP and DNS
    5 Posts 2 Posters 5.4k Views
      EmL

      Hi,

      it seems to me that the domain override feature is not working. If I configure an override for the domain e.g. xyz.local to DNS Server 192.168.1.1 (in another network connected via IPSEC VPN) nothing happens.

      To override a single Host is no problem - that's working!

      Any idea?

      PS: I have RC3b

        hoba

        You need a fake route to send the traffic to the remote dns-server into the tunnel. Add a static route at system>static routes to <ip of remote dns-server>/32 through gateway <local lan ip of your pfsense>.

          EmL

          Great - that's the solution - it works fine now!

          Here is another question, I don't realize why it's not working: In my local LAN pfsense acts as a DHCP server. In the DNS Forwarder I configured that leases should be registered in the forwarder. In that case the Forwarder should resolve the local hostnames to IP addresses … and this is exactly what it is not doing?!

          Some information on what ipconfig is reporting about my network:

          Hostname: zaphod
          Primary DNS Suffix:
          Connection Specific DNS Suffix: daheim.local

          pfsense is listing my hostname at Status/DHCP leases as "Zaphod"

          And here is what nslookup tells me:

          -------------------------- SNIP ------------------------
          C:>nslookup
          Standardserver:  wall.daheim.local
          Address:  192.168.100.254

          wall.daheim.local                        (This is a test ... its pfsense itself)
          Server:  wall.daheim.local
          Address:  192.168.100.254

          Name:    wall.daheim.local             
          Address:  192.168.100.254

          zaphod.daheim.local                    (Not working with zaphod)
          Server:  wall.daheim.local
          Address:  192.168.100.254

          *** zaphod.daheim.local wurde von wall.daheim.local nicht gefunden: Non-existent
          domain

          Zaphod.daheim.local                    (Not working with Zaphod)
          Server:  wall.daheim.local
          Address:  192.168.100.254

          *** Zaphod.daheim.local wurde von wall.daheim.local nicht gefunden: Non-existent
          domain
          -------------------------- SNIP ------------------------

          Is there something wrong with my configuration or is there a reason why that's not working?
          Thanks in advance ...

            hoba

            Check your clients' system settings to see if your clients are in the correct domain. Does it work if you only try to resolve "zaphod" instead of "zaphod.daheim.local"?

              EmL

              "ping zaphod" without "daheim.local" is working! If I "ping localhost" the reply is "zaphod" not "zaphod.daheim.local".

              But does it really matter? I think, if I (like I did) query a DNS server via NSLOOKUP and the resolver answers with "…Non-existent domain", it should not be a problem of the client machine?!

              Is there a way to look into the table where the DNS server holds its entries? I found nothing in the status or diagnostic page or status.php.
