DNS Forwarder VS setting firewall-rules to direct request to your own DNS server
networknoob last edited by
I've got a machine set up to act as a DNS server. I'm planning
to use the router's public IP as its public IP.
router -> pfsense -> my DNS server.
The router's DMZ has been set up so that it forwards requests to pfSense.
I'm thinking that I should be able to define a new firewall rule
that's basically saying:
WAN -> LAN .. source:* mydnsserver:53
and vice-versa from LAN->WAN
I couldn't make it work. There seem to be other rules that block it
for some reason.
Another solution that I'm thinking of is to define the DNS forwarder feature
in pfSense, though I don't really have a clue what this does.
Could someone help?
hoba last edited by
The DNS forwarder is simply a DNS cache that will resolve DNS requests that it doesn't have in its cache through the DNS servers specified at System > General. You can make some custom resolutions by entering special DNS servers for special domains or overriding some hostnames by using static mappings.
kattoz last edited by
So, does this mean the DNS forwarder on pfSense is likely to crash if used extensively?
And so, if wanting to use it extensively, use firewall rules?
sullrich last edited by
Define extensively, I think to answer the overall question.
trendchiller last edited by
Until now I did not have a single problem with that DNS forwarder, and believe me: it is used like hell here :-)
I have 500 clients behind our own 2 DNS servers and both of them use pfSense's DNS forwarder as the next DNS hop… it runs... no crashes...
Use it and have fun!!! :D