Configuring Unbound DNS for Multi-Subnet Proxy Access via NGINX

Started by foss-johnny, February 23, 2026, 12:26:46 AM

Hi all,

If I have multiple LAN subnets, and I want my clients in each subnet to be able to resolve/route to NGINX running on OPNsense, and then NGINX forwards to a server IP running in a DMZ subnet, what is the correct way to configure the DNS?

Do you set up a single Unbound DNS override entry to point to a single LAN gateway that you designate for NGINX, or do you somehow set up each LAN to have the DNS name of the server resolve to their respective LAN Gateway interfaces?


Bump.

Any advice would be appreciated.

I was thinking to perhaps create a new VLAN and use VIPs for any service hosted on the OPNsense itself.

Is this the right design approach or should a different design be used?