Netgate Discussion Forum

    DNS forwarder not working for specific domain…

    • Sup3rior

      Hi,

      Have set up DNS forwarder on my local pfSense box and have defined 2 domain overrides (domain A with 3 entries, that is, 3 DNS servers able to respond, and domain B with 2 entries).
      Now, the weird thing is that while I am able to resolve hostnames on domain A, it doesn't work on domain B. The pfSense box is, however, able to ping both the DNS servers for domain B, and doing an nslookup from my workstation (which is sitting behind the pfSense) I have no problem connecting to the DNS servers and resolving names.

      Any suggestions?

      Regards,
      Anders

      • phil.davis

        Are the domain B DNS servers across a VPN?
        In that case the queries can get sourced from a VPN tunnel endpoint on pfSense, and the domain B DNS servers might not know how to route back to the VPN tunnel IP. To avoid that you specify "Source IP" on the Domain Overrides screen.
        And if you have already specified "Source IP" then make sure it is still correct - I have had times when I changed the pfSense LAN IP and forgot to change "Source IP" also.
        Otherwise, give more details of your network and DNS naming…

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        • Sup3rior

          That did the trick, thanks phil :)

          Strange thing is that DNS servers for both domains are sitting on the other end of the same VPN tunnel, only difference is the subnet to which they belong on the other end…

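A way to check phil.davis's explanation before changing "Source IP": send the same DNS query to a domain B server from each candidate local address and see which one gets a reply. This is an added example, not code from the thread or from pfSense; the addresses and hostname are constructed placeholders, and it assumes Python 3 on a host that owns the source addresses being tested.

```python
import random
import socket
import struct

def build_query(name, qid):
    """Encode a minimal DNS A-record query (RD set) for `name`."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(part)]) + part.encode("ascii")
        for part in name.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(data, qid):
    """Return (rcode, answer_count), or None if the packet is not our reply."""
    if len(data) < 12:
        return None
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != qid or not flags & 0x8000:  # wrong ID, or QR bit not set
        return None
    return flags & 0x000F, ancount

def probe(server, source_ip, name, timeout=3.0):
    """Query `server` for `name` with the UDP socket bound to `source_ip`."""
    qid = random.randrange(0x10000)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.bind((source_ip, 0))  # fails if this host does not own source_ip
            sock.sendto(build_query(name, qid), (server, 53))
            data, _peer = sock.recvfrom(4096)
        except socket.timeout:
            return "timeout (no return path for this source?)"
        except OSError as exc:
            return f"error: {exc}"
    reply = parse_reply(data, qid)
    if reply is None:
        return "unexpected packet"
    return f"rcode={reply[0]} answers={reply[1]}"

if __name__ == "__main__":
    # Constructed sample values; replace with your own addresses and names.
    SERVER = "10.20.2.53"  # a domain B DNS server across the VPN
    SOURCES = ["192.168.1.1", "10.99.0.1"]  # e.g. LAN IP and VPN tunnel IP
    for src in SOURCES:
        print(f"{src:>15} -> {SERVER}: {probe(SERVER, src, 'host.domain-b.example')}")
```

A source address that times out while another gets an answer points at the return-route problem described above, and the address that works is the one to enter as "Source IP".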