<![CDATA[DNS for several VLANs]]>Dear community,

Thanks for an awesome product. I'm loving pfSense!  ;D

Can anyone point me in the direction of which dns server ip address I should use for my VLANs?

Example:
Parent LAN(em0) has the address 10.11.1.1
VLAN12 has the address 10.11.12.1, which means my DHCP clients also gets DNS ip as 10.11.12.1, so far so good.
I can do NSLOOKUP from a Windows PC on that VLAN, no problem. But it annoys me that the NSLOOKUP, says "UnKnown":

nslookup fw01
Server: UnKnown
Address: 10.11.12.1

Name: fw01.mylan
Address: 10.11.1.1

As you can see, it resolves the IP just fine of "fw01" which is the parent LAN interface on the Pfsense box. But it's still "UnKnown".

Hooking up directly to the LAN interface with a DHCP client, and all is fine and dandy:

nslookup fw01
Server: fw01.mylan
Address: 10.11.1.1

Name: fw01.mylan
Address: 10.11.1.1

So this led me to think; which local DNS ip should I use for my VLANs? The VLAN gateway or the parent LAN gateway?

Using the VLAN gateway leads to "errors" during NSLOOKUP, but seems to work.
Defining VLAN12 DHCP service to use the parent LAN gateway IP(10.11.1.1) as DNS server works fine without errors, when I add a firewall rule for UDP port 53 from "VLAN12" to "LAN net"

So any tips on best practice, for assigning local DNS server ip addresses for VLANs?

Thanks for your time
Best regards
Jim

]]>https://forum.netgate.com/topic/63333/dns-for-several-vlansRSS for NodeTue, 10 Mar 2026 13:49:31 GMTSun, 01 Dec 2013 19:03:46 GMT60<![CDATA[Reply to DNS for several VLANs on Wed, 04 Dec 2013 19:56:47 GMT]]>@johnpoz:

No in your host over rides in in the dns forwarder on pfsense.

Much obliged, I'll try and report back.

/Jim

]]>https://forum.netgate.com/post/432678https://forum.netgate.com/post/432678Wed, 04 Dec 2013 19:56:47 GMT<![CDATA[Reply to DNS for several VLANs on Mon, 02 Dec 2013 21:37:19 GMT]]>No in your host over rides in in the dns forwarder on pfsense.

]]>https://forum.netgate.com/post/432317https://forum.netgate.com/post/432317Mon, 02 Dec 2013 21:37:19 GMT<![CDATA[Reply to DNS for several VLANs on Mon, 02 Dec 2013 21:18:10 GMT]]>@johnpoz:

If you have your dns forwarder listening on all your vlan segments - Which is seems like you do since 12.1 resolved

Name: fw01.mylan
Address: 10.11.1.1

If you want 10.11.12.1 to resolve to something then just put that entry in your host over rides.  Then both its reverse and forwards will responds..

Hi John,

Thanks for your swift reply. Here is my comments, please advise:

If you have your dns forwarder listening on all your vlan segments - Which is seems like you do since 12.1 resolved
I have no idea if I have? It's just setup default.

Name: fw01.mylan
Address: 10.11.1.1

If you want 10.11.12.1 to resolve to something then just put that entry in your host over rides.  Then both its reverse and forwards will responds..
Do you mean the local hosts file on Windows?

Thanks for your help so far.
Jim

]]>https://forum.netgate.com/post/432309https://forum.netgate.com/post/432309Mon, 02 Dec 2013 21:18:10 GMT<![CDATA[Reply to DNS for several VLANs on Mon, 02 Dec 2013 21:12:49 GMT]]>If you have your dns forwarder listening on all your vlan segments - Which is seems like you do since 12.1 resolved

Name: fw01.mylan
Address: 10.11.1.1

If you want 10.11.12.1 to resolve to something then just put that entry in your host over rides.  Then both its reverse and forwards will responds..

]]>https://forum.netgate.com/post/432306https://forum.netgate.com/post/432306Mon, 02 Dec 2013 21:12:49 GMT<![CDATA[Reply to DNS for several VLANs on Mon, 02 Dec 2013 21:06:57 GMT]]>Anyone? Do you need more info? Drawings? Etc?

Thanks
Jim

]]>https://forum.netgate.com/post/432304https://forum.netgate.com/post/432304Mon, 02 Dec 2013 21:06:57 GMT