Netgate Discussion Forum

    Configuring LAN to use OpenDNS?

      BlueToast

      Under System->General Setup I have the DNS servers set to 208.67.222.222 and 208.67.220.220.
      Under Services->DHCP server->LAN I have the DNS servers also set to that; same thing with OPT1 (but different irrelevant).
      This pfSense server is NOT the primary DHCP server; the primary DHCP server has dhcpd.conf set like this (look for ServerB):

      (ServerA = Primary DHCPd server, ServerB = pfSense server, ServerC = Irrelevant server)

      ddns-update-style interim;
      ddns-domainname "dyn.company.com.";

      key DHCP_COMPANY {
        algorithm HMAC-MD5.SIG-ALG.REG.INT;
        secret lolcensored;
      }

      zone dyn.company.com. {
        primary ServerA;
        key DHCP_COMPANY;
      }
      zone ##.##.in-addr.arpa. {
        primary ServerA;
        key DHCP_COMPANY;
      }

      authoritative;
      ddns-update-style interim;
      deny duplicates;
      authoritative;
      default-lease-time 345600;
      max-lease-time 691200;
      #option domain-name-servers ServerA,ServerC;
      option domain-name-servers ServerA,ServerB;
      option netbios-name-servers ServerA;

      subnet ###.###.###.### netmask ###.###.###.### {
        one-lease-per-client on;
        option broadcast-address ###.###.###.###;
        option domain-name "dyn.company.com";

        option ip-forwarding 1;

        option netbios-name-servers ###.###.###.###;
        option netbios-name-servers ServerA;
        option netbios-node-type 8;

        option perform-mask-discovery 1;

        option router-discovery 0;

        option routers ServerC;

        option routers ServerB;
        option subnet-mask ###.###.###.###;
        option time-servers ServerA;
        update-optimization on;
        update-static-leases on;
        class "Sayson480i" {
          match if (substring(hardware,1,3) = 00:08:5d);
        }
        class "etherboot-an983" {
          match if (substring(hardware,1,3) = 00:04:e2);
          next-server ###.###.###.###;
          filename "nbi-2.6.0-thin1";
          option root-path "/nfs/thin3";
        }
        class "etherboot-3c59x" {
          match if (substring(hardware,1,3) = 00:01:02);
          if substring (option vendor-class-identifier, 0, 9) = "PXEClient" {
            next-server ###.###.###.###;
            filename "eb-5.2.2-3c905c-tpo.zpxe";
          } else if substring (option vendor-class-identifier, 0, 9) = "PXEclient" {
            next-server ###.###.###.###;
            filename "eb-5.2.2-3c905c-tpo.zpxe";
          } else if substring (option vendor-class-identifier, 0, 9) = "Etherboot" {
            next-server ###.###.###.###;
            filename "nbi-2.6.0-thin1";
            option vendor-encapsulated-options ##:##:##:##:##:##:##:##:##:##:##;
          } else {
            next-server ###.###.###.###;
            option root-path "/nfs/thin2";
          }
        }
        pool {
          range ###.###.###.### ###.###.###.###;
          allow members of "etherboot-an983";
          allow members of "etherboot-3c59x";
        }
        pool {
          range ###.###.###.###;
          allow members of "Sayson480i";
        }

        # Known Clients

        pool {
          range ###.###.###.### ###.###.###.###;
          deny unknown clients;
        }

        # Unknown Clients

        pool {
          range ###.###.###.### ###.###.###.###;
          #option root-path "/nfs";
          #next-server ###.###.###.###;
          allow unknown clients;
        }
      }
      subnet ###.###.###.### netmask ###.###.###.### {
      }

      host workstation {
        hardware ethernet ##:##:##:##:##:##;
        option domain-name "company.com";
        fixed-address ###.###.###.###;
      }

      …

      When I go to http://welcome.opendns.com/, it says my network isn't using OpenDNS. :(

        wallabybob

        @BlueToast:

        When I go to http://welcome.opendns.com/, it says my network isn't using OpenDNS. :(

        You have created an account at OpenDNS and registered your public IP address?

        Unless I have missed something, it looks as if your primary DHCP server will tell its clients they should use serverA or serverB as their DNS. You haven't said anything about configuring serverA to use OpenDNS.

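An added example (not part of the thread, and not Netgate or ISC code) of the check wallabybob describes: it lists which DNS servers an ISC dhcpd.conf actually hands to clients in each scope, ignoring commented-out lines, and names those that are not OpenDNS and so would have to forward to it themselves. The sample config, its documentation-range addresses and the function names are constructed for illustration.

```python
import re

OPENDNS = {"208.67.222.222", "208.67.220.220"}  # resolver addresses quoted in the thread

# Constructed sample modelled on the posted dhcpd.conf; names/addresses are placeholders.
SAMPLE_CONF = """
authoritative;
#option domain-name-servers ServerA,ServerC;
option domain-name-servers ServerA,ServerB;
subnet 192.0.2.0 netmask 255.255.255.0 {
  option routers ServerB;
  pool {
    range 192.0.2.100 192.0.2.200;
    allow unknown clients;
  }
}
host workstation {
  hardware ethernet 00:00:5e:00:53:01;
  option domain-name-servers 208.67.222.222, 208.67.220.220;
  fixed-address 192.0.2.10;
}
"""

def dns_by_scope(conf_text):
    """Return {scope: [servers]} for every active domain-name-servers option."""
    text = re.sub(r"#.*", "", conf_text)  # drop comments (assumes no '#' inside quotes)
    scopes, found = ["global"], {}
    # Tokens: block openers ("subnet ... {"), closers ("}"), ';'-terminated statements.
    for tok in re.findall(r"[^;{}]+\{|\}|[^;{}]+;", text):
        tok = " ".join(tok.split())
        if tok.endswith("{"):
            scopes.append(tok[:-1].strip())
        elif tok == "}":
            if len(scopes) > 1:
                scopes.pop()
        else:
            m = re.match(r"option domain-name-servers (.+);", tok)
            if m:  # a narrower scope overrides the global value for its clients
                found[scopes[-1]] = [s.strip() for s in m.group(1).split(",")]
    return found

def resolvers_to_check(conf_text):
    """Servers handed to clients that are not OpenDNS resolvers themselves."""
    return sorted({s for servers in dns_by_scope(conf_text).values()
                   for s in servers if s not in OPENDNS})

if __name__ == "__main__":
    for scope, servers in dns_by_scope(SAMPLE_CONF).items():
        print(f"{scope}: {', '.join(servers)}")
    print("not OpenDNS, check their forwarders:", resolvers_to_check(SAMPLE_CONF))
```
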
          BlueToast

          Aha, you have a logical point. I will try setting OpenDNS on the DHCPd server as the DNS servers and see what happens …

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.