Netgate Discussion Forum

    DNS Servers for ISP? Can we use pfSense?

    DHCP and DNS
      soamz

      Hi, we are an ISP in our city. We currently use Google DNS only, but I know it's not a solution. Since many customers depend on the ISP, we need to have our own DNS server for the best experience.

      So, I was thinking of setting up a DNS server in my central office.

      So, is pfSense a solution?

      How easy is it to set up everything?
      What do I need?
      Do we need 2 servers or 1 server?

      And do we get someone whom I can pay for his time and he can do the whole setup, so it's done once and forever?

        johnpoz LAYER 8 Global Moderator

        "so its done once and forever ?"

        Huh??  Nothing is done once and forever in IT..  There are security patches, hardware refresh, etc..  I would not set up pfSense just to run a DNS server..  How many users of your ISP???  How is having your own DNS the best experience?  Most users would much rather just run their own resolver or use a public DNS than some lame ISP DNS that has to ask on a public forum…

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8, 25.07.1

          soamz

          1. I have 500 users now and it will be around 2000 in the next 1 year.
          2. I'm using Google DNS now. It works fine, but I need my DNS so I can get less latency.
          3. We tell our customers to use our own IP only, and every customer only does what we say.

          So, what's the solution?

            Derelict LAYER 8 Netgate

            I think he's implying that an ISP shouldn't have to query a firewall forum on how to do DNS caching. I would tend to agree.

            If I were you I would roll my own BIND or Unbound servers, probably using Ubuntu LTS, redundantly virtualized, and geographically diverse if possible.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

              soamz

              Okay, so basically pfSense is a firewall only.
              Did not know about it.

              About the DNS BIND thing, shall I follow this tutorial to do it on my server?

              http://ubuntuforums.org/showthread.php?t=2166260

              BTW, while installing Ubuntu Server, an option comes up for DNS server; I selected it to install.
              Has it done the job already?

                Derelict LAYER 8 Netgate

                OMG I feel sorry for your customers.

                  soamz

                  Sorry ??

                    johnpoz LAYER 8 Global Moderator

                    Yeah really really sorry… What is this ISP??

                      soamz

                      @johnpoz:

                      Yeah really really sorry… What is this ISP??

                      https://en.wikipedia.org/wiki/Internet_service_provider

                        johnpoz LAYER 8 Global Moderator

                        hehehehe -- there must be a HUGE language barrier...  I think I know what an ISP is, and sorry but you shouldn't be running one if you have to ask about setting up DNS...  Or don't have staff to do that for you..

                        And with statements like this "so its done once and forever" shouldn't even be in IT from any angle..

                          soamz

                          @johnpoz:

                          hehehehe -- there must be a HUGE language barrier...  I think I know what an ISP is, and sorry but you shouldn't be running one if you have to ask about setting up DNS...  Or don't have staff to do that for you..

                          And with statements like this "so its done once and forever" shouldn't even be in IT from any angle..

                          Well if I had known, I would have never posted it here.

                          I guess, it's not a sin to not know and ask something!
                          If that's offensive in this forum, then I might be in the wrong place.

                            NOYB

                            @soamz:

                            @johnpoz:

                            hehehehe -- there must be a HUGE language barrier...  I think I know what an ISP is, and sorry but you shouldn't be running one if you have to ask about setting up DNS...  Or don't have staff to do that for you..

                            And with statements like this "so its done once and forever" shouldn't even be in IT from any angle..

                            Well if I had known, I would have never posted it here.

                            I guess, it's not a sin to not know and ask something!
                            If that's offensive in this forum, then I might be in the wrong place.

                            There are a few in these forums that seem to be pretty network knowledgeable with an apparent need to be condescending.  I just view them as having an inferiority complex and use condescension to make them feel superior.

                              Derelict LAYER 8 Netgate

                              That's it, exactly. (Where was your tutelage in setting up caching DNS servers for this "ISP"?)

                                doktornotor Banned

                                @soamz:

                                What do I need?

                                You need to hire competent staff or do different business.

                                  soamz

                                  @doktornotor:

                                  @soamz:

                                  What do I need?

                                  You need to hire competent staff or do different business.

                                  Okay, thank you for your suggestion!

                                    Derelict LAYER 8 Netgate

                                    @NOYB:

                                    There are a few in these forums that seem to be pretty network knowledgeable with an apparent need to be condescending.  I just view them as having an inferiority complex and use condescension to make them feel superior.

                                    I told him exactly what he needed to do, in terms more basic than anyone responsible for DNS caching at any ISP of any size should require. Then I got more n00b questions.

                                      ptt Rebel Alliance

                                      Guys, if you have some "free time" you can "follow him" at the UBNT Forum  :P

                                      (soamz = jetsj)  http://community.ubnt.com/t5/The-Lounge/Own-DNS-or-Google-DNS-or-OpenDNS-or-ISP-DNS/m-p/1374605

                                        doktornotor Banned

                                        http://community.ubnt.com/t5/The-Lounge/Got-this-email-today-morning/m-p/1415110#M41357

                                        Made my day… His DNS abused for DDoS? Who'd have guessed that.  ;D ::)

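Added example, not part of the original thread or any poster's configuration: a Python check of Unbound `access-control` rules, the setting that decides whether a caching resolver like the one recommended earlier in the thread offers recursion to the whole Internet, which is the condition that lets a resolver be abused for DDoS. Both configs, the customer prefix and the outside source addresses are constructed; the check models only `access-control` matching and assumes the server listens on a public interface.

```python
import ipaddress

# Actions that grant recursion, per unbound.conf(5).
RECURSIVE = {"allow", "allow_setrd", "allow_snoop"}
# Unbound's documented default: localhost allowed, everyone else refused.
DEFAULTS = {"0.0.0.0/0": "refuse", "127.0.0.0/8": "allow",
            "::/0": "refuse", "::1/128": "allow"}

# Constructed sample: the shortcut that makes a resolver usable by anyone.
OPEN_CONF = """
server:
    access-control: 0.0.0.0/0 allow
    access-control: ::/0 allow
"""

# Constructed sample: recursion for the customer pool only (assumed prefix).
RESTRICTED_CONF = """
server:
    access-control: 0.0.0.0/0 refuse
    access-control: 198.51.100.0/24 allow     # customer pool
    access-control: 198.51.100.128/25 refuse  # carve-out inside the pool
"""

OUTSIDE = ["203.0.113.7", "2001:db8::53"]  # constructed non-customer sources

def parse_access_control(text):
    """Return {network: action}; explicit rules override the defaults."""
    rules = {ipaddress.ip_network(n): a for n, a in DEFAULTS.items()}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("access-control:"):
            netblock, action = line.split(":", 1)[1].split()
            rules[ipaddress.ip_network(netblock, strict=False)] = action
    return rules

def action_for(rules, client):
    """Unbound applies the most specific netblock that contains the client."""
    ip = ipaddress.ip_address(client)
    nets = [n for n in rules if n.version == ip.version and ip in n]
    return rules[max(nets, key=lambda n: n.prefixlen)]

def exposed_to(conf_text, sources):
    """List the given source addresses that would be offered recursion."""
    rules = parse_access_control(conf_text)
    return [s for s in sources if action_for(rules, s) in RECURSIVE]

if __name__ == "__main__":
    print("open:", exposed_to(OPEN_CONF, OUTSIDE))
    print("restricted:", exposed_to(RESTRICTED_CONF, OUTSIDE))
```

A non-empty result for addresses outside the customer ranges means the resolver is open; the IPv6 probe matters because an IPv4-only rule set says nothing about `::/0`.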
                                          soamz

                                          Wow, too funny!

                                            doktornotor Banned

                                            Yeah, indeed. Lots of fun for everyone but your paying customers.  ;)

                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.