Use DNS Resolver for local LAN DNS lookups only?



  • Hi, I have the following network configured, but not sure how to address the problem of local DNS lookups in the LAN_VPN subnet. I would like to do the following:

    • Hosts in the LAN_VPN subnet use the pfsense resolver for local DNS entries only i.e. HostA2 can refer to HostA1 using address HostA1.local.lan
    • LAN_VPN uses the DHCP assigned external DNS servers for all other DNS lookups.

    At the moment, HostA2 has to refer to HostA1 by IP.

    Is this configuration possible, and if so, how?

    Thank you.



  • That's up to the client machines themselves as to what they'll use. Generally speaking, no that's not possible. You have to either use the resolver for everything, or nothing.



  • To make this work, would have to be able to disable root hints and use forwarding mode.

    How to disable root hints in unbound?



  • @gjaltemba:

    To make this work, would have to be able to disable root hints and use forwarding mode.

    How to disable root hints in unbound?

    That won't do what OP is asking about. If you want to use forwarding mode you can just by checking the box to do so, no need to do anything with root hints. That doesn't change clients' behavior in what DNS server they use for what domain though.
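    As an added illustration of the "use the resolver for everything" option cmb describes (not configuration taken from this thread or generated by pfSense itself), the following unbound fragment shows what the pfSense resolver is doing when forwarding mode is enabled and host overrides exist: it answers the local.lan names itself and forwards every other query upstream, so the client only ever needs to point at the pfSense address. All interface, host and upstream addresses are constructed placeholders; substitute the real LAN_VPN address and the DHCP-assigned external servers.

    ```conf
    server:
        # Listen on the LAN_VPN gateway address and only accept queries from that subnet
        # (constructed example addresses)
        interface: 10.10.20.1
        access-control: 10.10.20.0/24 allow

        # Local names are answered here. "static" means a name under local.lan that has
        # no local-data entry gets NXDOMAIN instead of being sent to the upstream servers,
        # so internal hostnames are not leaked outside the LAN.
        local-zone: "local.lan." static
        local-data: "HostA1.local.lan. IN A 10.10.20.11"
        local-data: "HostA2.local.lan. IN A 10.10.20.12"
        local-data-ptr: "10.10.20.11 HostA1.local.lan"
        local-data-ptr: "10.10.20.12 HostA2.local.lan"

    # Anything not matched above is forwarded (forwarding mode) rather than resolved
    # from root hints. Placeholders stand in for the DHCP-assigned external DNS servers.
    forward-zone:
        name: "."
        forward-addr: 203.0.113.53
        forward-addr: 203.0.113.54
    ```

    With this in place the DHCP scope for LAN_VPN hands out only the pfSense address as DNS server; the split between local and external names happens inside the resolver, which is the only place it can happen, since the clients themselves will not choose a server per domain.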



  • I was thinking more along the lines of when the client is in lockdown mode.



  • @cmb:

    That's up to the client machines themselves as to what they'll use. Generally speaking, no that's not possible. You have to either use the resolver for everything, or nothing.

    Thanks cmb.

    I'll just use host file entries then. Just for home network, so no big deal.