Topic: Local DNS Override (Read 5278 times)
AndyX90
Local DNS Override « on: November 14, 2017, 11:48:22 am »
Hey guys, I have a question regarding my DNS setup.
My scenario looks like the following:
Windows Domain Controller (local DNS) forwarding --> OPNsense (Unbound, used as DNS for itself) --> ISP DNS
Now I thought I could do a domain override for my local domain in Unbound and point it to the Windows DNS, but it doesn't work.
If I do DNS lookups on interface statistics, it doesn't resolve my local domain PCs.
I need this for the new web-proxy-sso plugin.
Any suggestions?
Ciprian
Re: Local DNS Override « Reply #1 on: November 14, 2017, 12:48:32 pm »
Domain override + FQDN + (if case) ACL in Unbound for LAN segments not directly connected to one of the OPNsense interfaces (e.g. VPN connections).
All of them are mandatory, and it should work (I know "it should work" is not a helpful formulation, but you get my point): I have multiple sites, all of them with their own DNS resolver (OPNsense + S2S VPN), and one of the sites (the HQ) has exactly your case - Unbound in OPNsense as DNS server served by DHCP for most of the clients, DC as Windows DNS for LAN and perimeter, OpenDNS as public DNS resolver/fwder (it doesn't matter that it's not the ISP DNS in that case) - and all and every client in all and any site can resolve FQDN to IP (fwd DNS) and IP to FQDN (reverse DNS) for all and every other client in all and every other site. But it must be FQDN, otherwise you have to use "host overriding" instead, which is a daunting task even for a small number of hosts.
Cheers, and good luck!
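
The combination described in the reply above (domain override, FQDN lookups, ACL for non-attached segments), written out as plain unbound.conf directives. This is an added example, not part of the original posts and not the file OPNsense generates from its GUI; the domain `corp.example`, the DC address `192.168.1.10` and the VPN segment `10.8.0.0/24` are constructed placeholders.

```conf
# Constructed example values:
#   corp.example     internal AD domain served by the Windows DNS
#   192.168.1.10     Windows domain controller / DNS server
#   10.8.0.0/24      VPN segment not directly attached to the firewall
server:
    # ACL: Unbound refuses queries from networks it was not told to serve,
    # so remote/VPN segments need an explicit allow entry.
    access-control: 10.8.0.0/24 allow

    # If DNS rebinding protection is enabled, answers carrying RFC 1918
    # addresses are stripped unless the domain is declared private.
    private-address: 192.168.0.0/16
    private-domain: "corp.example"

    # With DNSSEC validation on, an unsigned internal zone under a
    # signed or non-existent parent fails validation; exempt it.
    domain-insecure: "corp.example"
    domain-insecure: "1.168.192.in-addr.arpa"

    # Unbound answers RFC 1918 reverse zones itself by default.
    # Make this reverse zone pass through to the forwarder below.
    local-zone: "1.168.192.in-addr.arpa." transparent

# Domain override: forward lookups for the internal domain to the DC.
# Clients must query the FQDN (for example pc01.corp.example); a bare
# host name does not match this zone.
forward-zone:
    name: "corp.example"
    forward-addr: 192.168.1.10

# Reverse lookups (IP to FQDN) for the LAN go to the DC as well.
forward-zone:
    name: "1.168.192.in-addr.arpa"
    forward-addr: 192.168.1.10
```

If the forward lookup works but the reverse one returns NXDOMAIN, the `local-zone` line is the usual missing piece; if both return SERVFAIL, check the `domain-insecure` entries first.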