The DNS override only works for items querying pfsense, not for pfsense itself. It and the daemon that does the DNS overriding (dnsmasq) use resolv.conf which should be populated with your ISPs DNS servers. You appear to have a bit of a catch-22. Since you have a FULL resolver internal to your network, let it do the internet resolving and point the pfsense box at it for DNS.
--Bill On 8/16/06, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
Hi all ! Im at the end of my DNS-understanding of pfSense ;-) Ok, not that bad, but: I got a Domain-Controller that hosts a DNS-Server in my LAN for my local domain. This DC forwards unknown DNS-requests to my pfSense, which gets the DNS from my ISP. In pfSense I have configured the DNS-Forwarder so that it resolves DNS-requests from the DC. In General-Setup I have set my internal DNS and activated the option "Allow DNS server list to be overridden by DHCP/PPP on WAN" Now when I look at ARP-tables or Routing table pfSense does not resolve my hostnames (which are hosted on my DC) but shows "localhost" for all hosts except some ISPs adresses. Seems logical to me at all, but at another location it works without these localhost-problems, it is resolved correctly... I also would like to have my IPs / localhosts ;-) resolved correctly and for that already entered an override domain in pfSenses DNS-forwarder for my local domain by domainname (xyz.xyz). It does not work... even if I ping my DC from pfSenses shell with the fqdn it tells me "ping: cannot resolve server.xyz.xyz: Unknown host" (btw. how can I nslookup under BSD ? [command unknown]). When I disable the checkbox "Allow DNS server list to be overridden..." it works well, it resolves my hosts and everything, but what happens with the DNS-forwarder in the pfsense ? Does it redirect all DNS-requests to my DC by now ? How is DNS-traffic handled then ? I want to resolve DNS-traffic over my ISPs DNS-servers, not the root DNS servers as I support it happens when I disable this option ? I'm a bit ittitated because at another location it works, but not at mine... What's the clue ? Looking forward to some hints ! Thanks in advance... Martin
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
