[Unbound DNS] Could I share the DNS service to Internet?



  • Hi,
    I am using Pfsense 2.0 RC3 version with Unbound DNS installed. Thanks for your great work:)
    The Unbound is working very well for LAN but I would like to share it to Internet. So other people can use my WAN IP as DNS resolver..

    I tried the following settings but it seems doesn't work…

    Network interface:
    LAN&&WAN

    NAT:
    WAN TCP/UDP * * WAN address 53 (DNS) 192.168.1.1 53 (DNS) DNS Service

    Thanks for any reply in advance!

    Zlyzwy


  • Rebel Alliance Global Moderator

    And what did you set for an access list?



  • @johnpoz:

    And what did you set for an access list?

    ACL Table:

    LAN allow 192.168.1.0/24

    WAN allow 0.0.0.0/32

    Thanks:)



  • To allow access from the internet, create an ACL with 2 networks:

    0.0.0.0/1
    128.0.0.0/1

    Remember to allow DNS queries to your WAN port on your firewall if you have removed that fw rule you setup previously.



  • I added /0 to the CIDR list - so you can specify 0.0.0.0/0 as a network. Just reinstall unbound.



  • @wagonza:

    To allow access from the internet, create an ACL with 2 networks:

    0.0.0.0/1
    128.0.0.0/1

    Remember to allow DNS queries to your WAN port on your firewall if you have removed that fw rule you setup previously.

    Thanks. it's now working:)


Locked