Dns forwarder



  • I have a problem using the dnsforwarder. The forwarder is working correctly, but I want to override one address. So I configured the address and the forward lookup ist working well. But I dont get any reverse lookup. Does the dns override only work in one way ?
    Thanks

    Peter



  • Yes, it does not do reverse lookups.



  • My pfsense installation has three interfaces and I use one of these interfaces for ssl encrypted administration. Now I want the user to authenticate via a ssl encrypted page (someone has to document that max keylength to use here is 1024 bit - I tried 2048 bit…) and I thougt I could use the same certificate for that. But the dnsforwarder does only a forward lookup and the ssl certificate can not be verified this way.
    Is there any reason to do no reverse lookups?



  • @amathar:

    My pfsense installation has three interfaces and I use one of these interfaces for ssl encrypted administration. Now I want the user to authenticate via a ssl encrypted page (someone has to document that max keylength to use here is 1024 bit - I tried 2048 bit…) and I thougt I could use the same certificate for that. But the dnsforwarder does only a forward lookup and the ssl certificate can not be verified this way.
    Is there any reason to do no reverse lookups?

    I'm not sure if dnsmasq, the forwarder we use, supports lookups with local PTR records. If it doesn't, that's why. If it does, it's just that nobody has implemented it. If you care to look into the capabilities of dnsmasq, report back with what you find.



  • http://osdir.com/ml/network.dns.dnsmasq.general/2006-10/msg00002.html

    seems that it can be done with local

    release version 2.39 is out as a side note


Log in to reply