Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Internal DNS Server Query resolve
« previous
next »
Print
Pages: [
1
]
Author
Topic: Internal DNS Server Query resolve (Read 2584 times)
jaullo
Newbie
Posts: 14
Karma: 0
Internal DNS Server Query resolve
«
on:
May 22, 2020, 11:19:54 pm »
Hello,
I'm new to opnsense and i would like to know if there is way to allow my servers to query my LAN enterprise DNS.
This is what i have made for now
Config a:
Unbound DNS: ENABLE
Networ interfaces: all
Wan interfaces all:
DNS Query Forwarding : on
Inside system, settings i have two dns: 8.8.8.8 for google and 10.129.20.X for my lan
Result: i can navigate throught internet but i can not acces my lan dns names, examplo:
https://srv-sate.domain.com
Config b
Unbound DNS: ENABLE
Networ interfaces: all
Wan interfaces all:
Custom options with:
server:
forward-zone:
name: "."
forward-ssl-upstream:yes
forward-addr: 1.1.1.1@853 #CloudFlare
forward-addr: 1.0.0.1@853 #CloudFlare
forward-addr: 9.9.9.9@853 #Quad9
forward-addr: 149.112.112.112@853 #Quad9
forward-addr: 185.228.168.168@853 #CleanBrowsing
forward-addr: 185.228.169.168@853 #CleanBrowsing
forward-addr: 8.8.8.8@853 #Google
forward-addr: 8.8.4.4@853 #Google
forward-addr: 80.80.80.80@853 #Frenom
forward-addr: 80.80.81.81@853 #Frenom
forward-addr: 10.129.20.x@853 #Internal
forward-addr: 10.3.104.x@853 #Internal
Result: i can navigate throught internet but i can not acces my lan dns names, example:
https://srv-sate.domain.com
If i go to interfaces --> Diagnostics --> DNS LOOKUP and test
https://srv-sate.domain.com
I got response from my local lan server 10.129.20.x
Type Address
A 172.31.40.x
Any Idea what i'm doing wrong or what else i need to make it work
Thanks
Logged
johnsmi
Jr. Member
Posts: 60
Karma: 9
Re: Internal DNS Server Query resolve
«
Reply #1 on:
May 23, 2020, 12:18:04 am »
Your internal DNS-server knows the internal names, the external servers know about the other ones.
The answer is either cached, or forwarded to the external server or forwarded to the internal server. You'd need to be lucky getting the internal server for lan-adresses.
You can either forward ALL queries to your internal server and let that one resolve internal and internet names
or
create forward-zones for your internal names with the internal server and a default zone like in 'Config b'.
Another option for only a few names would be overrides.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Internal DNS Server Query resolve