"
Perfect thanks!
With this I should be able to finish the migration tonight
With this I should be able to finish the migration tonight
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
20.1 Legacy Series / Re: Migrating from PFSense to OPNSense - DNS complications
March 25, 2020, 10:44:12 PM #2
20.1 Legacy Series / Migrating from PFSense to OPNSense - DNS complications
March 25, 2020, 09:32:15 PM
Migrating over from PFSense and wondering if some more knowledgeable then myself can assist with a DNS issue I'm having.
On PFSense I use unbound with pfBlockerNG to block ads and unwanted sites, unbound has some overrides to throw DNS requests for the domain out to my domain's DNS controller and the rest are set to use my VPN connection to fetch results (So I can avoid ISP blocking and modifying of DNS records and tracking).
On Opnsense there appears to be no direct pfBockerNG equivalent with unbound, but BIND has some good options. I can setup zones in BIND to send the dns to my domain for those hosts but I can't find an option to limit the interface BIND uses to make requests.
Is there an option to achieve the above without chaining unbound and BIND together or adding firewall rules to block DNS from unwanted interfaces?
I've tried looking at the namedb.conf file but it appears to be empty, at least in usr/local/etc/namedb/namedb.conf while all the other files are populated and full
On PFSense I use unbound with pfBlockerNG to block ads and unwanted sites, unbound has some overrides to throw DNS requests for the domain out to my domain's DNS controller and the rest are set to use my VPN connection to fetch results (So I can avoid ISP blocking and modifying of DNS records and tracking).
On Opnsense there appears to be no direct pfBockerNG equivalent with unbound, but BIND has some good options. I can setup zones in BIND to send the dns to my domain for those hosts but I can't find an option to limit the interface BIND uses to make requests.
Is there an option to achieve the above without chaining unbound and BIND together or adding firewall rules to block DNS from unwanted interfaces?
I've tried looking at the namedb.conf file but it appears to be empty, at least in usr/local/etc/namedb/namedb.conf while all the other files are populated and full
Pages1
