Netgate Discussion Forum

    Redirecting or spoofing DNS

      MaxPF

      Is there a way to make the DNS forwarder service run with ip 8.8.8.8 which is Google public DNS server for internal LAN clients? I don't mean forwarding DNS queries to that server, but making pfSense DNS forwarder "impersonate" 8.8.8.8 when a client tries to connect to it.

      The reason I need this is because the latest update of the Netflix app for Android seems to be bypassing the client assigned DNS server and tries to use 8.8.8.8 for its DNS queries and if it cannot connect, it will not work. I don't want Netflix to use any DNS server other than the one I'm assigning to the client because that will prevent me from using region switching services which allow me to access content from regions other than mine.

      Can I create a VIP with 8.8.8.8, assign it to an interface, run DNS forwarder and make it routable from the LAN subnet?

        KOM

        https://forum.pfsense.org/index.php/topic,60925.0.html

        https://forum.pfsense.org/index.php?topic=63399.0

          MaxPF

          Thanks for the links. I solved the problem by adding IP Aliases to the LAN interface with IP 8.8.8.8 and 8.8.4.4 and then selecting those as additional interfaces in the DNS forwarder, and it works.
          I never thought about the NAT trick, I may give it a try.

            KOM

            The NAT trick is the proper way of doing it.  Using virtual IPs for addresses you don't own is kind of a hack.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.