Setup:
OPNsense with 192.168.1.0/24 local net
Pihole running Unbound, 192.168.1.6
I want to redirect all traffic outgoing on port 53 from the local net to the Pihole. This is pretty easy via the port forward as described here https://forum.opnsense.org/index.php?topic=9245.0
I also added a Floating rule to allow the Pihole itself to perform DNS queries to the root servers, else Unbound can't work of course.
I can see the DNS requests being redirected to the Pihole when this setup is complete. But unfortunately the requests from the Pihole IP to the root servers are still being redirected and can't be resolved. They are stuck in a loop, I guess.
Is there an option to add a (floating) rule so as not to redirect queries from 192.168.1.6? Or some setting you can check to not redirect traffic from the IP that the traffic is redirected to?
Another possible solution seems to be to create an Alias which contains all of the local LAN except the Pihole IP and set that as the source in the port forward. I can't seem to get a grip on how to create such an alias.
Any help or advice is greatly appreciated.
Select Source/Invert and use the pihole IP as Alias.
Thanks, I am one step further, but still no real working redirect to my Pihole.
When I do an nslookup of a random website with 8.8.8.8, I get an 8.8.8.8.in-addr.arpa query in the logs of my Pihole instead of the website I tried to resolve.
Any ideas?
I solved it myself :)
It appears this does not work if the Pihole is in the same subnet. I solved it by redirecting DNS to 127.0.0.1 and letting Unbound forward the request to the Pihole. The only downside is that I can't see which device is trying to circumvent the DNS via the Pihole queries. That's why I will enable logging of this rule.
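The three stages of this thread (plain redirect, redirect with Source/Invert, redirect to 127.0.0.1) come down to two pf behaviours: a redirect rule that also matches the resolver's own upstream queries hands them back to the resolver, and a redirect to a host in the client's own subnet produces an answer that never crosses the firewall, so pf cannot rewrite its source back to the address the client queried (8.8.8.8) and the client discards it. The 8.8.8.8.in-addr.arpa entry is simply the PTR lookup nslookup does for the server address before the real query. Below is an added Python model of the LAN port forward that reproduces all three outcomes; it is not OPNsense configuration or code from the thread, and the firewall LAN address 192.168.1.1 and the client address 192.168.1.50 are assumptions.

```python
"""Model of the OPNsense DNS port forward discussed above (constructed example)."""
import ipaddress
from dataclasses import dataclass, replace

# Topology from the thread. FIREWALL and CLIENT are assumed addresses;
# ROOT_SERVER is a.root-servers.net, PUBLIC_DNS is the resolver used in the nslookup.
LAN = ipaddress.ip_network("192.168.1.0/24")
PIHOLE = ipaddress.ip_address("192.168.1.6")
FIREWALL = ipaddress.ip_address("192.168.1.1")   # assumed OPNsense LAN address
LOOPBACK = ipaddress.ip_address("127.0.0.1")
CLIENT = ipaddress.ip_address("192.168.1.50")    # assumed LAN client
ROOT_SERVER = ipaddress.ip_address("198.41.0.4")
PUBLIC_DNS = ipaddress.ip_address("8.8.8.8")


@dataclass(frozen=True)
class Packet:
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    dport: int


@dataclass(frozen=True)
class RdrRule:
    """A LAN port forward (pf 'rdr'): rewrite the destination of matching packets."""
    dport: int
    target: ipaddress.IPv4Address
    src_net: ipaddress.IPv4Network = LAN
    src_excluded: frozenset = frozenset()  # members of the 'Source / Invert' alias

    def matches(self, pkt: Packet) -> bool:
        return (pkt.dport == self.dport
                and pkt.src in self.src_net
                and pkt.src not in self.src_excluded)

    def apply(self, pkt: Packet) -> Packet:
        return replace(pkt, dst=self.target) if self.matches(pkt) else pkt


def reply_traverses_firewall(client, target) -> bool:
    """Does the DNS answer from `target` back to `client` pass through OPNsense?

    pf can only rewrite the reply's source back to the original destination
    (e.g. 8.8.8.8) if the reply crosses the firewall. A target in the client's
    own subnet answers directly over the LAN, so the client receives an answer
    from 192.168.1.6 to a query it sent to 8.8.8.8 and drops it.
    """
    if target.is_loopback or target == FIREWALL:
        return True  # answered by the firewall's own Unbound
    return not (client in LAN and target in LAN)


def outcome(rule: RdrRule, pkt: Packet) -> str:
    out = rule.apply(pkt)
    if out.dst == pkt.dst:
        return "not_redirected"
    if out.dst == pkt.src:
        # The resolver's upstream query is handed straight back to itself; it
        # forwards again, matches again, and never leaves the LAN.
        return "loop"
    if not reply_traverses_firewall(pkt.src, out.dst):
        return "reply_dropped"
    return "answered"


def scenarios() -> dict:
    pihole_to_root = Packet(PIHOLE, ROOT_SERVER, 53)
    client_to_public = Packet(CLIENT, PUBLIC_DNS, 53)
    client_https = Packet(CLIENT, PUBLIC_DNS, 443)
    exclude = frozenset({PIHOLE})

    plain = RdrRule(53, PIHOLE)                           # first attempt
    inverted = RdrRule(53, PIHOLE, src_excluded=exclude)  # plus Source/Invert alias
    local = RdrRule(53, LOOPBACK, src_excluded=exclude)   # final: via OPNsense Unbound

    return {
        "plain/pihole_to_root": outcome(plain, pihole_to_root),
        "inverted/pihole_to_root": outcome(inverted, pihole_to_root),
        "inverted/client_to_public": outcome(inverted, client_to_public),
        "local/client_to_public": outcome(local, client_to_public),
        "local/pihole_to_root": outcome(local, pihole_to_root),
        "local/client_https": outcome(local, client_https),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:28s} {result}")
```

The model keeps the Source/Invert exclusion in the final 127.0.0.1 rule: without it, the Pihole's upstream queries would be redirected to the OPNsense Unbound, which forwards them back to the Pihole, and the loop returns in a different shape.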