Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
General DNS
« previous
next »
Print
Pages: [
1
]
Author
Topic: General DNS (Read 2736 times)
liamb
Newbie
Posts: 6
Karma: 1
General DNS
«
on:
November 01, 2021, 10:35:10 pm »
Hi All,
What is recommended to supply for DNS servers in System -> Settings -> General? Should this always be set? Or can I rely on what comes from my gateway provider by DHCP or is supplied in my DHCP config? How does /does not this affect DHCP? I assume if I run Unbound whatever is supplied in this config screen is useless, right?
«
Last Edit: November 01, 2021, 10:39:16 pm by liamb
»
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: General DNS
«
Reply #1 on:
November 01, 2021, 11:02:31 pm »
The settings allow different scenarios and preference.
For instance if you want to use what dns servers your isp provides, or not is your choice. You can use them or select another. A criteria would be if is a small isp that can suffer dns outages, you have the choice to use a bigger public player that could be less prone to outages.
There is a setting to pass that on to your clients via dhcp. The help tooltips are quite explanatory.
And yes you can override with Unbound. The config screen doesn't become useless, just provides even more options.
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: General DNS
«
Reply #2 on:
November 01, 2021, 11:08:54 pm »
Correction, they are not passed to the lan clients by dhcp according to the docs.
https://docs.opnsense.org/manual/settingsmenu.html#general
Instead the system would use them on behalf of the clients. I.e the clients would get OPN as the nameserver and OPN would use those for upstream. I'm still referring to System > Settings > General .
Logged
liamb
Newbie
Posts: 6
Karma: 1
Re: General DNS
«
Reply #3 on:
November 02, 2021, 10:55:51 pm »
thanks! So in a world where nothing is supplied and unbound is running I assume these are redundant as Unbound should connect directly to the root DNS servers anyway (if configured), right?
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: General DNS
«
Reply #4 on:
November 03, 2021, 10:59:16 am »
Better than me re-writing it, in Services > Unbound DNS > General . At the bottom:
" If Unbound is enabled, the DHCP service (if enabled) will automatically serve the LAN IP address as a DNS server to DHCP clients so they will use Unbound resolver. If forwarding is enabled, Unbound will use the DNS servers entered in System: General setup or those obtained via DHCP or PPP on WAN if the "Allow DNS server list to be overridden by DHCP/PPP on WAN" is checked. "
Logged
liamb
Newbie
Posts: 6
Karma: 1
Re: General DNS
«
Reply #5 on:
November 04, 2021, 07:47:54 pm »
awesome, thank you!
Logged
koushun
Jr. Member
Posts: 95
Karma: 9
Digital pimp hard at work.
Re: General DNS
«
Reply #6 on:
December 06, 2021, 02:08:34 pm »
I use 127.0.0.1 as DNS server under System -> Settings -> General. This way, the OPNsense system itself (??) uses the Unbound resolver; which again uses DoT upstream.
Combined with NAT redirection rules, I have then full control over "regular" DNS queries - have not tinkered that much in regards to DoH.
At least this is what I think I am doing
Is this best practise? Do not know.
Logged
Running OPNsense through Proxmox
4 x Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz (1 Socket)
24 GB RAM
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
General DNS