On Tue, Jan 18, 2011 at 4:49 PM, Vick Khera <[email protected]> wrote: > I updated from my 1.2.3 based WRAP box to a 2.0-BETA5 (self-updated > after install to have latest image from around 4am today) ALIX box > earlier this afternoon. I observe the same behavior from a December > 13 firmware (I made the CF card way back then). > > Almost everything is working. I am having some trouble with the DNS > forwarder but only for *some* domains. This did not occur with > 1.2.3-RELEASE. > > 192.168.135.1 is my pfSense LAN address. The WAN is over comcast, > which assigns 75.75.75.75 and 75.75.76.76 as the DNS servers. I have > selected the "allow DHCP to override the DNS servers" option on the > WAN. > > It feels like it is eating up any 192.168.0.0/16 IP address returned > for a hostname. >
This is by design to protect against DNS rebinding attacks. If you have to get private IP responses from your upstream DNS you must disable that under System>Advanced. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
