Having issues with DNS and my site hosted locally



  • So I've seen this issue posted a lot but haven't found anything that has helped me. I have mysite.com resolving to my WAN IP via DynDNS. Port forwarded to my internal server. Works fine externally but when I try to browse to mysite.com from a local client I hit my pfsense login page. I have unbound disabled and dnsmasq enabled.

    Register DHCP leases in DNS forwarder checked
    Register DHCP static mappings in DNS forwarder not checked
    Resolve DHCP mappings first checked
    Query DNS servers sequentially checked
    Require domain not checked
    Do not forward private reverse lookups not checked
    Default port
    All interfaces
    Strict Interface Binding not checked

    Domain Overrides
    mysite.com 192.168.0.100 (web server)

    With .100 as the IP the site times out with This webpage is not available, DNS_PROBE_FINISHED_NXDOMAIN
    With .1 as the IP I go right to my pfsense log in page.

    I'm guessing I'm doing something wrong with the host/domain overrides but I can't figure it out.


  • Netgate

    What is the internal host that isn't getting the proper domain override configured to use as its DNS server(s)?



  • @Derelict:

    What is the internal host that isn't getting the proper domain override configured to use as its DNS server(s)?

    All clients and servers on the internal network are using 192.168.0.1 (the pfsense box). Servers and printers are static everything else is DHCP.


  • Netgate

    And when they dig mysite.com what do they get in response?



  • @Derelict:

    And when they dig mysite.com what do they get in response?

    DNS request timed out.
        timeout was 2 seconds.
    DNS request timed out.
        timeout was 2 seconds.
    *** Request to pfSense.localdomain timed-out


  • Netgate

    Looks like the firewall rules do not allow them to use the DNS forwarder to resolve names or the forwarder isn't listening on the interface or layer 2 is hosed or…



  • I would think nothing would resolve if the client couldn't reach DNS.

    I get this in the logs:

    Jul 9 20:26:41 dnsmasq[31756]: query[A] mysite.com from 192.168.0.12
    Jul 9 20:26:41 dnsmasq[31756]: forwarded mysite.com to 192.168.0.100

    But if I ping mysite.com it times out.

    Another oddity is that I can hit the site from my WiFi only tablet but I still can't ping the name. I get unknown host.


  • Netgate

    Yeah you've not done a host override you've done a domain override.  Do a host override instead.



  • @Derelict:

    Yeah you've not done a host override you've done a domain override.  Do a host override instead.

    IIIIIIIIIIIIIIIII'm dumb. When I looked at the host overrides for some reason I thought the "host" had to be filled in. I didn't realize it wasn't a required field and I didn't even bother to try…. Using mysite.com for the domain and leaving host blank works exactly as you would expect it to. Thanks for pointing out what should have been obvious to me!!! haha. doh.


  • Netgate

    As would mysite for the host and com for the domain, I believe.  Glad you got it working.
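
Added example, not part of the original thread: a small check over dnsmasq query logs that separates names dnsmasq answered itself from names it forwarded to another address and never got a reply for, which is the symptom of a domain override pointing at a host that is not a DNS server. The first two sample lines are the ones quoted in the thread; the `fixed.example` lines are constructed, and the function names are hypothetical.

```python
import ipaddress
import re

# First two lines are the log lines quoted in the thread; the last two are
# constructed to show how a name served from a hosts file is logged.
SAMPLE_LOG = """\
Jul 9 20:26:41 dnsmasq[31756]: query[A] mysite.com from 192.168.0.12
Jul 9 20:26:41 dnsmasq[31756]: forwarded mysite.com to 192.168.0.100
Jul 9 20:31:02 dnsmasq[31756]: query[A] fixed.example from 192.168.0.12
Jul 9 20:31:02 dnsmasq[31756]: /etc/hosts fixed.example is 192.168.0.100
"""

# dnsmasq query-log format: "<action> <name> from|to|is <value>"
LINE = re.compile(
    r"dnsmasq\[\d+\]: (?P<action>\S+) (?P<name>\S+) (?:from|to|is) (?P<value>\S+)"
)

def classify(log_text):
    """Map each name to (status, value) based on the last log line seen for it."""
    result = {}
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        action, name, value = m["action"], m["name"], m["value"]
        if action == "forwarded":
            # Query was handed to another resolver (upstream or domain override).
            result[name] = ("forwarded-unanswered", value.split("#")[0])
        elif action in ("reply", "cached"):
            result[name] = ("resolved", value)
        elif action == "config" or action.startswith("/"):
            # Answered by dnsmasq itself: a configured address or a hosts file.
            result[name] = ("local", value)
    return result

def suspect_overrides(log_text):
    """Names forwarded to a private address that never produced a reply."""
    out = []
    for name, (status, value) in classify(log_text).items():
        if status == "forwarded-unanswered" and ipaddress.ip_address(value).is_private:
            out.append((name, value))
    return sorted(out)

if __name__ == "__main__":
    for name, target in suspect_overrides(SAMPLE_LOG):
        print(f"{name}: forwarded to {target}, no reply; is that host a DNS server?")
```
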