Forward all subdomains to IP address



  • Hi all,

    I want to configure pfSense to forward all requests on a specific domain.tld to a specific IP address. This is helpful for intranets or multiple people working on a single deployment, and web servers are set up with virtual name hosting.

    For example, I want all sub-domains in "dev.local" to resolve to IP address "192.168.1.2", like "www.dev.local" and "developer1.dev.local" or "developer2.dev.local". I then have the server at "192.168.1.2" set with virtual name hosting to handle these domains where defined.

    I thought the DNS forwarder would be able to handle this, seeing as "host" is not a required field, but "domain" is. I looked through these forums and the closest I found was a thread on blocking by domain. An example of this is forwarding all requests to "doubleclick.net" (or "www1.doubleclick.net", or any of its servers) to "0.0.0.0".

    I'm using pfSense 1.2-release, however, and this doesn't seem to be working for me. Any ideas?

    Thanks!



  • seeing as "host" is not a required field, but "domain" is

    I would enter dev.local under "Below you can override an entire domain by specifying an authoritative dns server to be queried for that domain." Is that not what you want?

    set with virtual name hosting to handle these domains where defined

    Probably not enough, as the text says "authoritative dns server".



  • Unfortunately, I don't want to really run another DNS. I could become an authoritative server for all ".dev.local", but that's not ideal. That would mean I add the entry for all ".dev.local", redirect it to "192.168.1.1", and then run another DNS server on my pfSense router.

    Is there a way to manually add an entry that will forward all domains? I notice that the changes I make to the DNS forwarder list get written into /etc/hosts. Is the configuration file available somewhere? Is this a bug in the DNS forwarder? What do you think?



  • I'm also trying to forward all http(s) requests for domain [x.com] to a single designated LAN IP (regardless of [sub-domain].x.com) and have not been successful.

    I would expect that leaving the host field blank or using something like a * wild-card would do the trick, but no go.

