Netgate Discussion Forum

    Multiple servers in Domain Overrides?

    DHCP and DNS
      fhorlaville

      Hi, apologies if this has already been answered, I tried Google and the forum search but couldn't find it.

      Here is our setup (question follows)

      We have an internal legacy DNS/DHCP server (Win2000) which is flaky but we can't get rid of it just yet. To make our systems more resilient when it crashes, we've set up BIND on a CentOS 6 box as a slave DNS and have added a Domain Override on pfSense to point our internal domains to this CentOS box.

      Not ideal but an acceptable workaround for the moment.

      We have now patched CentOS to address the GHOST vulnerability and need to reboot it.

      Question: Is there a way we can add a second IP in the Domain Overrides section? We're using pfSense 2.1.4-RELEASE

      We can always point them to our legacy server for the duration of the reboot, but I'd like a more permanent solution.

      Thanks !

      Franck Horlaville

        johnpoz LAYER 8 Global Moderator

        It's a reboot.. So what dns would be unavailable for what 5 minutes..  Most things should be cached at the client anyway, so you would be worried about fresh lookups or stuff that ttl expired.

        Reboot it at 5pm and there shouldn't be any issues - if there is it's what 5 minutes ;)  If they call - say try it now ;)

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

          phil.davis

          dnsmasq (DNS Forwarder) does not have any way to specify multiple addresses in the "--server=" parameter.
          http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
          I remember having a look at this, because I would like it for some of my remote sites so they can point to multiple DNS servers for some internal domain names (some of which might be across site-to-site OpenVPN links).

          So there is no way to do it in 2.1.n

          But unbound (DNS Resolver) in 2.2 does have the ability to specify multiple stub-addr in a stub-zone. So it seems it will be possible to have this with Unbound DNS Resolver on pfSense 2.2.?
          Actually I would like to be able to specify this - so I will have a go at adding it to the GUI and if I get it working will submit a pull request.

          Redmine feature request: https://redmine.pfsense.org/issues/4350

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/
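
The stub-zone arrangement described in the last post, written out as an unbound.conf fragment. This is an added example, not part of the original thread and not pfSense's generated configuration; the zone name `corp.example.` and both addresses are constructed placeholders standing in for the internal domain, the BIND slave and the legacy Windows DNS server.

```conf
# unbound.conf fragment (added example; zone name and addresses are constructed)

server:
    # The internal zone is not DNSSEC-signed. Without this, a validating
    # resolver can return SERVFAIL for names under it.
    domain-insecure: "corp.example."

    # Only relevant when private-address (DNS rebinding protection) is set:
    # allow answers for this domain to contain private address ranges.
    private-domain: "corp.example."

stub-zone:
    name: "corp.example."
    # Two authoritative servers for the same internal zone. unbound tracks
    # which ones respond and stops sending queries to one that times out,
    # so either server can be rebooted without breaking internal lookups.
    stub-addr: 192.0.2.10    # BIND slave on the CentOS box (constructed)
    stub-addr: 192.0.2.20    # legacy Windows DNS server (constructed)
```

Run `unbound-checkconf` against the resulting file before reloading, and confirm that both servers hold the same zone data so answers do not differ depending on which one is queried.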

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.