Configuring LAN to use OpenDNS?



  • Under System->General Setup I have the DNS servers set to 208.67.222.222 and 208.67.220.220.
    Under Services->DHCP server->LAN I have the DNS servers also set to that; same thing with OPT1 (but different irrelevant).
    This pfSense server is NOT the primary DHCP server; the primary DHCP server has dhcpd.conf set like this (look for ServerB):

    (ServerA = Primary DHCPd server, ServerB = pfSense server, ServerC = Irrelevant server)

    ddns-update-style interim;
    ddns-domainname "dyn.company.com.";

    key DHCP_COMPANY {
     algorithm HMAC-MD5.SIG-ALG.REG.INT;
     secret lolcensored
    }

    zone dyn.company.com. {
     primary ServerA;
     key DHCP_COMPANY;
    }
    zone ##.##.in-addr.arpa. {
     primary ServerA;
     key DHCP_COMPANY;
    }

    authoritative;
    ddns-update-style interim;
    deny duplicates;
    authoritative;
    default-lease-time 345600;
    max-lease-time 691200;
    #option domain-name-servers ServerA,ServerC;
    option domain-name-servers ServerA,ServerB;
    option netbios-name-servers ServerA;

    subnet ###.###.###.### netmask ###.###.###.### {
    one-lease-per-client on;
    option broadcast-address ###.###.###.###;
    option domain-name "dyn.company.com";

    option ip-forwarding 1;

    option netbios-name-servers ###.###.###.###;
    option netbios-name-servers ServerA;
    option netbios-node-type 8;

    option perform-mask-discovery 1;

    option router-discovery 0;

    option routers ServerC;

    option routers ServerB;
    option subnet-mask ###.###.###.###;
    option time-servers ServerA;
    update-optimization on;
    update-static-leases on;
    class "Sayson480i" {
    match if (substring(hardware,1,3) = 00:08:5d);
    }
    class "etherboot-an983" {
    match if (substring(hardware,1,3) = 00:04:e2);
    next-server ###.###.###.###;
    filename "nbi-2.6.0-thin1";
    option root-path "/nfs/thin3";
    }
    class "etherboot-3c59x" {
    match if (substring(hardware,1,3) = 00:01:02);
    if substring (option vendor-class-identifier, 0, 9) = "PXEClient" {
    next-server ###.###.###.###;
    filename "eb-5.2.2-3c905c-tpo.zpxe";
    } else if substring (option vendor-class-identifier, 0, 9) = "PXEclient" {
    next-server ###.###.###.###;
    filename "eb-5.2.2-3c905c-tpo.zpxe";
    } else if substring (option vendor-class-identifier, 0, 9) = "Etherboot" {
    next-server ###.###.###.###;
    filename "nbi-2.6.0-thin1";
    option vendor-encapsulated-options ##:##:##:##:##:##:##:##:##:##:##;
    } else {
    next-server ###.###.###.###;
    option root-path "/nfs/thin2";
    }
    }
    pool {
    range ###.###.###.### ###.###.###.###;
    allow members of "etherboot-an983";
    allow members of "etherboot-3c59x";
    }
    pool {
    range ###.###.###.###;
    allow members of "Sayson480i";
    }

    # Known Clients

    pool {
    range ###.###.###.### ###.###.###.###;
    deny unknown clients;
    }

    # Unknown Clients

    pool {
    range ###.###.###.### ###.###.###.###;
    #option root-path "/nfs";
    #next-server ###.###.###.###;
    allow unknown clients;
    }
    }
    subnet ###.###.###.### netmask ###.###.###.### {
    }

    host workstation {
    hardware ethernet ##:##:##:##:##:##;
    option domain-name "company.com";
    fixed-address ###.###.###.###;
    }

    When I go to http://welcome.opendns.com/, it says my network isn't using OpenDNS. :(



  • @BlueToast:

    When I go to http://welcome.opendns.com/, it says my network isn't using OpenDNS. :(

    You have created an account at OpenDNS and registered your public IP address?

    Unless I have missed something, it looks as if your primary DHCP server will tell its clients they should use serverA or serverB as their DNS. You haven't said anything about configuring serverA to use OpenDNS.



  • Aha, you have a logical point. I will try setting OpenDNS on the DHCPd server as the DNS servers and see what happens …
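The point raised in the reply above, as an added example that is not part of the original thread: a Python check that lists which DNS servers a dhcpd.conf actually hands to clients at each scope and flags those that are not the OpenDNS addresses from the first post. The sample config and its 192.0.2.x addresses are constructed, and `dns_handed_out` and `needs_forwarder_check` are hypothetical helper names.

```python
import re

# OpenDNS resolver addresses as given in the first post.
OPENDNS = {"208.67.222.222", "208.67.220.220"}

# Constructed sample mirroring the posted config. ServerA/ServerB are the
# thread's placeholders; the 192.0.2.x addresses and the host override are
# assumptions made for this example.
SAMPLE = """\
#option domain-name-servers ServerA,ServerC;
option domain-name-servers ServerA,ServerB;
subnet 192.0.2.0 netmask 255.255.255.0 {
  option routers ServerB;
  pool {
    range 192.0.2.10 192.0.2.50;
    allow unknown clients;
  }
}
host workstation {
  option domain-name-servers 208.67.222.222, 208.67.220.220;
}
"""

def dns_handed_out(conf):
    """Return [(scope, servers, all_opendns)] for every active
    'option domain-name-servers' statement, tracking brace scope."""
    results, scope = [], ["global"]
    for raw in conf.splitlines():
        # Drop comments (assumes no '#' inside quoted strings).
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = re.match(r"option\s+domain-name-servers\s+(.+?);", line)
        if m:
            servers = [s.strip() for s in m.group(1).split(",")]
            results.append(("/".join(scope), servers, set(servers) <= OPENDNS))
        if line.startswith("}") and len(scope) > 1:
            scope.pop()                      # closes subnet/pool/host/class
        if line.endswith("{"):
            scope.append(" ".join(line.strip("{} ").split()[:2]))
    return results

def needs_forwarder_check(conf):
    """Scopes whose clients are pointed at something other than OpenDNS;
    those servers must themselves forward to OpenDNS for it to be used."""
    return {scope: [s for s in servers if s not in OPENDNS]
            for scope, servers, ok in dns_handed_out(conf) if not ok}

if __name__ == "__main__":
    print(needs_forwarder_check(SAMPLE))
```

Any server named in the result is what clients will query, so its own upstream forwarders decide whether OpenDNS is ever reached.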

