Netgate Discussion Forum

    Dns server in another interface

    DHCP and DNS
      lou

      Hi, I have two interfaces, LAN1 and LAN2. In LAN1 I have a DNS server. I would like to configure the LAN1 DNS server for LAN2.

      I created a rule that allows traffic between LAN1 and LAN2. But it doesn't work.

      Any idea what I am doing wrong?

      Thanks

        phil.davis

        Which interface did you put the rule/s on?
        To allow access from LAN2 into LAN1 you need pass rule/s on the LAN2 tab, source LAN2 subnet addresses, destination LAN1 subnet addresses.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          lou

          Hi!

          Yes, I did that.

          LAN1 subnet: 192.168.150.0/23
          LAN2 subnet: 172.16.1.0/24

          DNS server: 192.168.150.1

          I don't know how to configure it.

          Thanks!

            phil.davis

            On LAN2 you need a rule:
            pass all source LAN2net destination 192.168.150.1
            Post your rules if you are stuck.

              johnpoz LAYER 8 Global Moderator

              If you want to allow only DNS, then your rule would be as above with tcp/udp 53 as the dest port.

              But why not just allow DNS queries to the LAN2 interface IP? This would be a more common setup - dnsmasq can run on whatever IPs you want it to listen on. Not like you have to run another instance of it or anything - it will just listen on more than one interface for queries.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1
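
Added example, not part of any post above and not pfSense code: a simplified Python model of per-interface, first-match filtering with default deny, using the subnets and DNS server address from the thread. It shows why the rule has to sit on the LAN2 tab and what restricting it to TCP/UDP port 53 changes; the client address 172.16.1.50 and all function and rule names are assumptions made for illustration.

```python
# Simplified model (an illustration, not pfSense code): rules are checked on
# the interface where a new connection ARRIVES, top to bottom, first match
# wins, and anything unmatched is dropped (default deny). Pass rules only.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LAN1_NET = ip_network("192.168.150.0/23")   # subnets and server IP from the thread
LAN2_NET = ip_network("172.16.1.0/24")
DNS_SERVER = "192.168.150.1"
CLIENT = "172.16.1.50"                      # constructed LAN2 host address

@dataclass(frozen=True)
class Rule:
    src: str             # source network in CIDR form
    dst: str             # destination network or host in CIDR form
    protos: tuple = ()   # empty tuple = any protocol
    dport: int = 0       # 0 = any destination port

    def matches(self, src, dst, proto, dport):
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and (not self.protos or proto in self.protos)
                and (self.dport == 0 or dport == self.dport))

def ingress_interface(src):
    """Interface a packet enters on, decided by its source subnet."""
    return "LAN1" if ip_address(src) in LAN1_NET else "LAN2"

def verdict(ruleset, src, dst, proto, dport):
    """Return 'pass' or 'block' for one new connection."""
    for rule in ruleset.get(ingress_interface(src), []):
        if rule.matches(src, dst, proto, dport):
            return "pass"
    return "block"

# Rule only on the LAN1 tab: never consulted for traffic arriving on LAN2.
WRONG_TAB = {"LAN1": [Rule(str(LAN1_NET), str(LAN2_NET))]}
# Rule from the second reply: any protocol from LAN2 net to the DNS server.
PASS_ALL = {"LAN2": [Rule(str(LAN2_NET), DNS_SERVER + "/32")]}
# Narrowed as in the last reply: only TCP/UDP destination port 53.
DNS_ONLY = {"LAN2": [Rule(str(LAN2_NET), DNS_SERVER + "/32", ("tcp", "udp"), 53)]}

if __name__ == "__main__":
    for name, rs in (("wrong tab", WRONG_TAB), ("pass all", PASS_ALL),
                     ("dns only", DNS_ONLY)):
        print(f"{name:10}",
              "dns/udp:", verdict(rs, CLIENT, DNS_SERVER, "udp", 53),
              "ssh/tcp:", verdict(rs, CLIENT, DNS_SERVER, "tcp", 22))
```

The "pass all" ruleset also lets LAN2 hosts reach every other service on 192.168.150.1, which is the exposure the port 53 restriction removes.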

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.