OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: SparcV on January 11, 2019, 10:50:36 pm

Title: Unbound DNS unable to forward overridden domain via VPN
Post by: SparcV on January 11, 2019, 10:50:36 pm
I have an issue I'm trying to work through. I have the Unbound DNS service configured with a domain override to forward the DNS requests to a server (10.0.0.20) that is on the other side of an IPsec tunnel, but any requests for that domain are never sent across the VPN. Instead, I can see that it's trying to connect to the IP of the DNS server (10.0.0.20) that should be on the other side of the VPN, but it's just going out the WAN via the default gateway.

How do I force Unbound DNS to send that traffic over the VPN?

The routes are working for all other traffic originating from the local LAN destined for the VPNs.


Code:
  <unbound>
    <enable>1</enable>
    <custom_options/>
    <regdhcp>1</regdhcp>
    <regdhcpstatic>1</regdhcpstatic>
    <active_interface/>
    <outgoing_interface/>
    <domainoverrides>
      <domain>work.local</domain>
      <ip>10.0.0.20</ip>
      <descr/>
    </domainoverrides>
    <cache_max_ttl/>
    <cache_min_ttl/>
    <incoming_num_tcp>10</incoming_num_tcp>
    <infra_cache_numhosts>10000</infra_cache_numhosts>
    <infra_host_ttl>900</infra_host_ttl>
    <jostle_timeout>200</jostle_timeout>
    <log_verbosity>2</log_verbosity>
    <msgcachesize>4</msgcachesize>
    <num_queries_per_thread>4096</num_queries_per_thread>
    <outgoing_num_tcp>10</outgoing_num_tcp>
    <unwanted_reply_threshold/>
  </unbound>

OPNsense 18.7.10-amd64
Title: Re: Unbound DNS unable to forward overridden domain via VPN
Post by: SparcV on January 12, 2019, 04:17:10 am
I found the answer in another post:

https://forum.opnsense.org/index.php?topic=6750.0