OPNsense Forum

English Forums => General Discussion => Topic started by: WonderFrank on May 01, 2020, 01:43:14 am

Title: Unbound DNS not forwarding DNS requests to a DNS server within my network
Post by: WonderFrank on May 01, 2020, 01:43:14 am
Hi All

I use OpnSense as a DHCP and DNS server, clients in my network have the DNS server set as the OpnSense address as primary (192.168.0.1)
The OpnSense settings (System->Settings->General) have the DNS server set as my other local DNS server (192.168.0.61).

The OpnSense system has my local domain defined; when I ping hosts assigned by the OpnSense DHCP server (DHCPv4) the host is resolved without issue. When I try to ping a host whose A record is kept on 192.168.0.61 it does not resolve.

I have done a DNS lookup on the OpnSense system; one such host is WinSrv. The results are in a screenshot here: https://postimg.cc/fkL1Sv9L

Ultimately I need names that don't resolve on the OpnSense Unbound DNS server to be forwarded to 192.168.0.62, as this is the DNS server of my Domain Controller. If the address doesn't resolve there it will be forwarded out to 1.1.1.1, or whatever DNS server I pick.

Where am I going wrong?
Title: Re: Unbound DNS not forwarding DNS requests to a DNS server within my network
Post by: WonderFrank on May 01, 2020, 09:00:44 pm
Does anyone have any ideas here? To get around this issue I've set the DHCP server to give the secondary DNS server as 192.168.0.61, however this isn't ideal. The ideal approach for me would be for OpnSense to be the DNS server and then pass on requests to 192.168.0.61, which then passes them to 1.1.1.1.
Title: Re: Unbound DNS not forwarding DNS requests to a DNS server within my network
Post by: hbc on May 02, 2020, 11:48:13 am
Does your DHCP provide your local domain as the domain search suffix?
What happens if you retry your DNS lookup with the FQDN?

ATM it looks like without domain directly the root servers are queried.
Title: Re: Unbound DNS not forwarding DNS requests to a DNS server within my network
Post by: stefanpf on May 02, 2020, 12:25:57 pm
- Enable 'DNS Query Forwarding' in Unbound
or
- add a domain override for the local domains
Code:
domain.local, _msdcs.domain.local and 1.1.10.in-addr.arpa
Btw. there is a design failure in your planning:
The DNS server in your DC will not know all local entries.
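What the domain-override approach looks like in Unbound's own configuration, added here as an illustration and not part of stefanpf's post or of what OPNsense generates: it assumes an AD domain named domain.local, the DC at 192.168.0.61 and the 192.168.0.0/24 LAN from the thread (so the reverse zone is 0.168.192.in-addr.arpa rather than the 1.1.10.in-addr.arpa placeholder above), with 1.1.1.1 as the upstream for everything else.

```conf
# Added example (assumed names: AD domain domain.local, DC 192.168.0.61,
# LAN 192.168.0.0/24). Only the AD zones go to the DC; everything else
# goes upstream, so the DC never has to know the OPNsense DHCP hosts.
server:
    # The AD zones are unsigned: exclude them from DNSSEC validation
    # if validation is enabled, or lookups will fail as bogus.
    domain-insecure: "domain.local"
    domain-insecure: "0.168.192.in-addr.arpa"
    # Rebind protection drops RFC1918 answers from forwarders unless the
    # zone is declared private.
    private-domain: "domain.local"
    # Unbound ships a built-in static zone for 168.192.in-addr.arpa that
    # would answer the reverse lookups itself; turn it off so the
    # forward-zone below is consulted instead.
    local-zone: "168.192.in-addr.arpa." nodefault

# AD domain and its _msdcs subtree (already covered by the parent zone,
# listed separately to match the thread) plus the reverse zone: to the DC.
forward-zone:
    name: "domain.local"
    forward-addr: 192.168.0.61

forward-zone:
    name: "_msdcs.domain.local"
    forward-addr: 192.168.0.61

forward-zone:
    name: "0.168.192.in-addr.arpa"
    forward-addr: 192.168.0.61

# Everything else: the public upstream named in the thread.
forward-zone:
    name: "."
    forward-addr: 1.1.1.1
```

Enabling 'DNS Query Forwarding' with 192.168.0.61 as the system DNS server would instead send every non-local name to the DC, which is the design stefanpf is warning against.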
Title: Re: Unbound DNS not forwarding DNS requests to a DNS server within my network
Post by: WonderFrank on May 04, 2020, 08:49:44 pm
I'll give this a crack.
The DS doesn't know all my local entries, that's correct; that is why the primary DNS server is the OpnSense box, and then OpnSense should pass it on to my DS, and from there the DS can pass it on to 1.1.1.1.
I'll let you know how I get on :)
Title: Re: Unbound DNS not forwarding DNS requests to a DNS server within my network
Post by: WonderFrank on May 04, 2020, 08:50:16 pm
Quote from: hbc on May 02, 2020, 11:48:13 am
Does your DHCP provide your local domain as the domain search suffix?
What happens if you retry your DNS lookup with the FQDN?

ATM it looks like without domain directly the root servers are queried.

Yes it does. I get the same results when using the FQDN.