OPNsense Forum

English Forums => Tutorials and FAQs => Topic started by: miracuru on September 03, 2025, 11:05:27 PM

Title: KEA DHCP – How to Set Global DNS Server for VLAN (w/o reservations)?
Post by: miracuru on September 03, 2025, 11:05:27 PM
Hi,

I'm running OPNsense 25.7.2 with KEA DHCPv4 and have set up a VLAN (VLAN30, 192.168.30.0/24). I want all clients in this VLAN to use my Pi-hole (192.168.1.3) as their DNS server.
The Pi-hole has the Unbound from OPNsense configured as upstream DNS.

The problem:
KEA seems not to allow setting a global DNS server in the subnet configuration via the GUI.
Only clients with a DHCP reservation can be assigned a custom DNS server.
Without a reservation, clients receive 192.168.30.1 (the VLAN interface) as DNS.

This breaks my setup because:
I have a firewall rule that only allows Pi-hole (192.168.1.3) to query Unbound on 192.168.1.1.
So, if clients use 192.168.30.1 as DNS, the query is blocked → no DNS resolution.
If I allow 192.168.30.1, clients bypass Pi-hole → no ad-blocking.

My goal:
Have all DHCP clients in VLAN30 automatically receive 192.168.1.3 as DNS without requiring individual reservations.

Question:
Is there a way to set a global DNS server in KEA?
Maybe I need to edit the configuration file manually?
Am I missing something, or is this a known limitation?

Thanks for any help.
Please let me know if further information is required.

Best regards
Simon
Title: Re: KEA DHCP – How to Set Global DNS Server for VLAN (w/o reservations)?
Post by: Patrick M. Hausen on September 03, 2025, 11:08:55 PM
Uncheck "Auto collect option data" for your subnet and you can manually set the DNS server as you prefer. "Auto collect option data" active means the firewall interface address in that particular subnet will automatically be used.
Title: Re: KEA DHCP – How to Set Global DNS Server for VLAN (w/o reservations)?
Post by: miracuru on September 03, 2025, 11:22:43 PM
Dear Patrick

Many thanks for your kind help.
Oh no. While searching, I had already stumbled over a post which mentions unchecking "Auto collect option data".
But I didn't realize that this also applies to my issue. I thought it was just for gateway selection or so.

I have followed the suggestion now and it works perfectly.

Again, thank you very much.
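
A way to confirm the result of the fix discussed in this thread, as an added example that is not part of any post and is not OPNsense or Kea code: it reads a Kea `Dhcp4` configuration and reports every subnet whose effective `domain-name-servers` option is not the intended resolver, flagging the case where the address lies inside the subnet itself (the firewall interface, as with "Auto collect option data"). The function names, the second subnet 192.168.40.0/24 and the sample configuration are constructed for illustration, and the input is assumed to be plain JSON without comments.

```python
import ipaddress
import json

# Constructed sample in the shape of a Kea Dhcp4 configuration (not from the thread).
SAMPLE_CONF = json.loads("""
{"Dhcp4": {
  "subnet4": [
    {"id": 1, "subnet": "192.168.30.0/24",
     "option-data": [{"name": "routers", "data": "192.168.30.1"},
                     {"name": "domain-name-servers", "data": "192.168.30.1"}]},
    {"id": 2, "subnet": "192.168.40.0/24",
     "option-data": [{"name": "domain-name-servers", "data": "192.168.1.3"}]}
  ]
}}
""")

def dns_servers(option_data):
    """Return the DNS server list from a Kea option-data array, or None if unset."""
    for opt in option_data or []:
        if opt.get("name") == "domain-name-servers" or opt.get("code") == 6:
            return [ipaddress.ip_address(a.strip()) for a in opt["data"].split(",") if a.strip()]
    return None

def audit_dns(conf, expected):
    """List (subnet, servers, reason) for subnets not handing out the expected resolver."""
    dhcp4 = conf["Dhcp4"]
    want = [ipaddress.ip_address(expected)]
    global_dns = dns_servers(dhcp4.get("option-data"))
    findings = []
    for sub in dhcp4.get("subnet4", []):
        net = ipaddress.ip_network(sub["subnet"])
        # Subnet-level option-data overrides the global value in Kea.
        effective = dns_servers(sub.get("option-data"))
        if effective is None:
            effective = global_dns
        if effective == want:
            continue
        if effective is None:
            reason = "no DNS option"
        elif any(a in net for a in effective):
            reason = "DNS inside own subnet"
        else:
            reason = "unexpected DNS"
        findings.append((str(net), [str(a) for a in effective or []], reason))
    return findings

if __name__ == "__main__":
    print(audit_dns(SAMPLE_CONF, "192.168.1.3"))
```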