OPNsense Forum

English Forums => 26.1 Series => Topic started by: Demmers on March 28, 2026, 11:26:36 PM

Title: "Redirect external DNS requests to local DNS resolver"
Post by: Demmers on March 28, 2026, 11:26:36 PM
I wondered if the rule I created for the purpose in the Subject, made a few years ago, is still set correctly following migration to 26.1 (Firewall > Rules [new]).
I have realised that some of the settings I followed originally (I'm sure from here https://homenetworkguy.com/how-to/redirect-all-dns-requests-to-local-dns-resolver/ ) no longer exist. More specifically, "Destination port range - DNS". DNS no longer exists; it is now "Single port or range - 53". The setting NAT > Port Forward has gone too.
Is anyone able to confirm what needs applying for this purpose if doing from scratch please?
Title: Re: "Redirect external DNS requests to local DNS resolver"
Post by: lmoore on March 29, 2026, 07:22:36 AM
In my environment I have a tight set of rules for DNS allowing queries from my internal DNS servers to only Quad9 DNS servers.

On my network there is a gaming PC and a TV which insist on querying 8.8.8.8. To avoid these connection attempts being logged by my DNS blocking rules, I've just created a rule to redirect these requests to my internal DNS servers.

I am running OPNsense 26.1.5 and created one rule in Firewall: NAT: Destination NAT.

The two networks where these queries originate are in my UNTRUSTED firewall group.

A rule would appear as in the image "Destination NAT Rule". I've included the relevant settings for this rule too.

You may already have a rule to allow DNS traffic to 127.0.0.1. If not, I expect the Default pass rule to work here, otherwise in the settings under Options, you could change the Firewall rule to pass.
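The redirect described above, written out in the FreeBSD pf syntax that OPNsense compiles a Destination NAT rule into. This is an added illustration, not anything from the post; the interface names are constructed and 127.0.0.1 assumes the firewall's own Unbound is the resolver being redirected to.

```pf
# Added illustration in FreeBSD pf syntax (what OPNsense generates from the GUI).
# Interface names are constructed; 127.0.0.1 assumes Unbound runs on the firewall.
untrusted_if = "{ igb1, igb2 }"   # members of the UNTRUSTED firewall group

# Destination NAT: any DNS query leaving an UNTRUSTED network, whether aimed at
# 8.8.8.8 or any other external resolver, has its destination rewritten to the
# local resolver before the filter rules are evaluated.
rdr on $untrusted_if inet proto { tcp, udp } from any to any port 53 -> 127.0.0.1 port 53

# Filter rules see the translated packet, so the pass rule must allow traffic to
# 127.0.0.1:53 (the "allow DNS traffic to 127.0.0.1" rule mentioned in the post).
pass in quick on $untrusted_if inet proto { tcp, udp } from any to 127.0.0.1 port 53 keep state
```

To confirm the rule is active, `pfctl -sn` on the firewall lists the rdr rules, and a client on an UNTRUSTED network querying 8.8.8.8 directly should receive the local resolver's answers instead of Google's.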