DNS setting does not work correctly



  • I am on pfSense 2.0.2.
    Case 1:
    I set my DNS servers in System: General Setup like this:

    10.0.0.252
    202.96.128.86

    Then resolv.conf looks like this:

    domain localdomain
    nameserver 127.0.0.1
    nameserver 10.0.0.252
    nameserver 202.96.128.86

    10.0.0.252 is my local DNS server; 202.96.128.86 is the ISP DNS server.

    If I set it up like that, the DNS server 10.0.0.252 does not work.
    Domains on 10.0.0.252 can't be resolved with nslookup,
    but the ISP DNS works.

    Case 2:
    If I delete the line "nameserver 127.0.0.1" in /etc/resolv.conf from the shell, the DNS server 10.0.0.252 works!
    And the ISP DNS works too.

    Case 3:
    If I put the ISP DNS 202.96.128.86 first, it works.

    So what's the problem in case 2?
    Who knows? Please tell me.
    Thank you so much.


  • Rebel Alliance Developer Netgate

    By default, pfSense will use the DNS Forwarder (dnsmasq) for DNS queries. It sends a DNS request to all servers at once and uses the fastest reply.

    If you don't want that to happen, go to System > General and check "Do not use the DNS Forwarder as a DNS server for the firewall".

    Though it sounds like maybe you aren't doing the right thing with the config in general. If there are DNS queries that only 10.0.0.252 can answer, including the public DNS server in the DNS settings may not be ideal. If there is a specific domain that must be resolved using 10.0.0.252, then you can add a domain override to the DNS forwarder to ensure it's properly used for that domain's DNS queries.



  • @jimp:

    By default, pfSense will use the DNS Forwarder (dnsmasq) for DNS queries. It sends a DNS request to all servers at once and uses the fastest reply.

    If you don't want that to happen, go to System > General and check "Do not use the DNS Forwarder as a DNS server for the firewall".

    Though it sounds like maybe you aren't doing the right thing with the config in general. If there are DNS queries that only 10.0.0.252 can answer, including the public DNS server in the DNS settings may not be ideal. If there is a specific domain that must be resolved using 10.0.0.252, then you can add a domain override to the DNS forwarder to ensure it's properly used for that domain's DNS queries.

    Glad to see your reply.
    I can't understand your explanation, but…
    I added my local domain here, and the DNS is answered correctly:
    Services -> DNS forwarder -> Domain overrides
    Thanks so much.



  • Glad to see your reply.
    I can't understand your explanation, but…
    I added my local domain here, and the DNS is answered correctly:
    Services -> DNS forwarder -> Domain overrides
    Thanks so much.

    YOU DON'T NEED TO ADD ANY SETTING OVER THERE. YOU HAVE TO INSERT THE CORRECT DNS ENTRY IN THE GENERAL SETUP AND SELECT THE CORRECT GATEWAY FOR THE DNS. OR TRY TO INSERT GOOGLE DNS FOR CHECKING, 8.8.8.8, AND SELECT THE GATEWAY YOU WISH, THEN TRY TO PING GOOGLE FROM THE DIAGNOSTIC TAB. BY THAT YOU CAN REALIZE IF IT IS A DNS PROBLEM OR NOT. ON THE Services -> DNS forwarder PAGE YOU ONLY HAVE TO PUT A TICK MARK ON (ENABLE DNS FORWARDING TAB).
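
An added example, not part of the original thread and not pfSense or dnsmasq code: a simplified Python model of the behaviour jimp describes (query all configured servers, keep the fastest reply) next to a domain override. The zone `corp.example`, the records and the latencies are constructed, and the latencies are assumed so that the ISP server replies first, as in case 1.

```python
# Added illustration; a simplified model, not dnsmasq or pfSense code.
# All zone names, records and latencies are constructed sample data.
NXDOMAIN = "NXDOMAIN"

# Each upstream: assumed reply latency in ms and the records it can return.
SERVERS = {
    "10.0.0.252": {"latency": 15,
                   "records": {"files.corp.example": "10.0.0.20",
                               "www.example.org": "203.0.113.10"}},
    "202.96.128.86": {"latency": 8,
                      "records": {"www.example.org": "203.0.113.10"}},
}
GENERAL = ["10.0.0.252", "202.96.128.86"]  # order from System: General Setup


def select_upstreams(qname, general, overrides):
    """Return the servers a query is sent to.

    A domain override applies when qname equals the domain or ends with
    "." + domain (label boundary); the longest matching domain wins.
    Without a match, every general server receives the query.
    """
    qname = qname.rstrip(".").lower()
    matches = [d for d in overrides if qname == d or qname.endswith("." + d)]
    if matches:
        return [overrides[max(matches, key=len)]]
    return list(general)


def resolve(qname, general, overrides, servers=SERVERS):
    """Query every selected upstream and keep the fastest reply."""
    queried = select_upstreams(qname, general, overrides)
    fastest = min(queried, key=lambda ip: servers[ip]["latency"])
    name = qname.rstrip(".").lower()
    answer = servers[fastest]["records"].get(name, NXDOMAIN)
    return answer, fastest, queried


if __name__ == "__main__":
    names = ("files.corp.example", "www.example.org", "notcorp.example")
    for overrides in ({}, {"corp.example": "10.0.0.252"}):
        for name in names:
            print(overrides or "no override", name,
                  resolve(name, GENERAL, overrides))
```

The `queried` list in each result also shows that, without an override, the internal name is sent to the ISP server as well as to 10.0.0.252.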

