OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: Corellon on March 25, 2020, 09:32:15 pm

Title: Migrating from PFSense to OPNSense - DNS complications
Post by: Corellon on March 25, 2020, 09:32:15 pm

Migrating over from PFSense and wondering if some more knowledgeable then myself can assist with a DNS issue I'm having.

On PFSense I use unbound with pfBlockerNG to block ads and unwanted sites, unbound has some overrides to throw DNS requests for the domain out to my domain's DNS controller and the rest are set to use my VPN connection to fetch results (So I can avoid ISP blocking and modifying of DNS records and tracking).

On Opnsense there appears to be no direct pfBockerNG equivalent with unbound, but BIND has some good options.    I can setup zones in BIND to send the dns to my domain for those hosts but I can't find an option to limit the interface BIND uses to make requests.

Is there an option to achieve the above without chaining unbound and BIND together or adding firewall rules to block DNS from unwanted interfaces? 

I've tried looking at the namedb.conf file but it appears to be empty, at least in usr/local/etc/namedb/namedb.conf while all the other files are populated and full

Title: Re: Migrating from PFSense to OPNSense - DNS complications
Post by: fabian on March 25, 2020, 10:06:32 pm

There is a plugin in development - checkout Twitter on the official account for unbound plus.

Title: Re: Migrating from PFSense to OPNSense - DNS complications
Post by: Corellon on March 25, 2020, 10:44:12 pm

Perfect thanks!

With this I should be able to finish the migration tonight