DNS for internal domain and forwarding for all other requests



  • All,

    I'm a bit confused on the right way to set up my new pfSense box as a DNS server.

    I want to be able to serve DNS for an internal domain (and possibly later have this domain updated with DHCP allocated addresses), and then forward all other requests to my ISP's DNS servers.

    Using TinyDNS, DNS for my internal domain works. But that doesn't seem to forward requests that it is not authoritative for to my ISP's servers.

    Using the forwarder, I see that I can add domain overrides, but that then requires that I have a specific DNS server setup for that, and I can't run TinyDNS and dnsmasq on this box at the same time if they both want to bind to port 53.

    What's the right way of doing this?



  • I now have this working. Here are the steps I took.

    1. Install TinyDNS (System -> Packages -> Available Packages -> Install dns-server)

    2. Added new domain to TinyDNS (Services -> DNS Server -> New domain wizard)
    During this step, I added my domain (foo.com) with a number of initial hosts

    3. Configure TinyDNS (Services -> DNS Server -> Settings)
    I set the following:

    Enable recursive DNS responder: Disabled
    IP Address: 127.0.0.1
    Interface to listen: loopback

    I left all other settings as default

    4. Configured DNS Forwarder (Services -> DNS Forwarder)
    Enable DNS forwarder: selected
    Interfaces: LAN

    5. Added domain to override (Services -> DNS Forwarder -> add Domain Override near bottom of page)
    Settings here are

    Domain: foo.com
    IP address: 127.0.0.1

    6. Ensure that your ISP's DNS servers (or whichever servers you want to forward to) are configured under System -> General Setup

    This is now working. All requests for my domain are handled by TinyDNS and everything outside my domain is handled by the forwarder.
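A way to check the result of these steps from a LAN client, as an added example that is not part of the original post or of pfSense: it sends raw DNS A queries with only the Python standard library, so no dig is needed. The forwarder address 192.168.1.1 and the host name host1.foo.com are assumptions; since TinyDNS is bound to the pfSense loopback, a client can only reach the internal zone through the forwarder, which is exactly what is exercised here.

```python
# Added example: confirm the pfSense forwarder answers for the internal zone
# (via the domain override to TinyDNS) and still resolves outside names.
import socket
import struct

FORWARDER = "192.168.1.1"          # assumed LAN address of the pfSense box
INTERNAL_NAME = "host1.foo.com"    # assumed host added in the TinyDNS wizard
EXTERNAL_NAME = "www.example.com"  # any name outside the internal zone

def build_query(qname, qid=0x1234):
    """Minimal DNS query: header with RD set, one A/IN question, no EDNS."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode() for p in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)

def _skip_name(data, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = data[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:   # 2-byte compression pointer ends the name
            return off + 2
        off += 1 + length

def parse_a_records(resp):
    """Return (rcode, [IPv4 strings]) from a DNS response; ignores non-A RRs."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", resp[:12])
    off = 12
    for _ in range(qd):                    # skip the echoed question section
        off = _skip_name(resp, off) + 4
    ips = []
    for _ in range(an):
        off = _skip_name(resp, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", resp[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            ips.append(".".join(str(b) for b in resp[off:off + 4]))
        off += rdlen
    return flags & 0x000F, ips

def resolve(qname, server, timeout=2.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(qname), (server, 53))
        data, _ = s.recvfrom(512)
    return parse_a_records(data)

if __name__ == "__main__":
    for name in (INTERNAL_NAME, EXTERNAL_NAME):
        rcode, ips = resolve(name, FORWARDER)   # rcode 0 plus addresses = working
        print(f"{name:20} via {FORWARDER}: rcode={rcode} {ips or 'no A records'}")
```

Run it on the pfSense box itself with FORWARDER set to 127.0.0.1 and the internal name only, and you are talking to TinyDNS directly, bypassing the forwarder.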