Cannot get domain dns forwarder to work.



  • I have signed up to unblockUS for something and entered their DNS in the forwarder for the domain I want going via that route. But it does not work. If I set my laptop to the required DNS then it does work when I goto that domain.

    IN the domain forwarder I have set it to on, with Query DNS sequentially ticked, and I have added the domain in the Domains Override.

    Is there something else I need to do, as I would prefer not to route all my traffic through this DNS just for the relevant domain.



  • OK after having a bit of a play, I wonder if the fact I have set DNS address (google) in the system>general setup is causing it to go via that DNS regardless of what I put in the forwarder?



  • IS anyone able to help, am I being a bit stupid with the question?

    Long and short is I want a specific service to pick up US content in the UK. I have signed up to a service that will allow that now I just need to point that UK service to a US VPN/DNS, but only that domain.

    I cannot get it to work with instructions found on line. Do I need to switch on or off something else in the interface for it to work?


  • LAYER 8 Global Moderator

    did you clear the cache once you put in the override?  How about a simple sniff on your want to see what is getting asked for the entry..  If I put in a domain override of of say testover.com and point it to 4.2.2.2, and then ask for www.testover.com that is where is goes..

    I use the resolver, so it asks roots and authoritative doesn't forward to anything directly..  So if I remove that override and then ask for www.testover.com it ends up asking the owning nameserver..  Which now that I have started this example might of been a bad choice – since its actually owned and seems to have issues...

    Domain Name: TESTOVER.COM
    Registry Domain ID: 1597861902_DOMAIN_COM-VRSN
    Registrar WHOIS Server: whois.name.com
    Registrar URL: http://www.name.com
    Updated Date: 2015-08-10T16:53:14-06:00Z
    Creation Date: 2010-05-18T14:29:25-06:00Z
    Registrar Registration Expiration Date: 2016-05-18T14:29:25-06:00Z
    Registrar: Name.com, Inc.
    Registrar IANA ID: 625
    Name Server: ns1.testover.com
    Name Server: ns2.testover.com

    and doesn't actually resolve but you get the picture..  Just sniff on our wan and validate where its asking..




  • I need to have a play but it occurred to me last night that I usually put googles dns on my devices. I assume therefore that this will overide anything on the router? Presumably if I point the devices to the router for DNS this will then give it a chance to redirect certain domains to the required DNSes.

    I'll give it a try on the weekend.


  • LAYER 8 Global Moderator

    yeah if you hard code or hand out with dhcp to use some dns server other than pfsense to your clients, your settings on pfsense become meaningless.


Log in to reply