NAT redirect - DNS timeout

Started by jbernardo, Today at 08:35:19 AM

Hello,
I have a working setup with a pi-hole doing DHCP+DNS and using the opnsense unbound as upstream DNS server. DNS queries are fast, everything works, ads/malware/telemetry is blocked by the pi-hole.
Next step for me would be to redirect any queries from my LAN to any DNS server other than the pi-hole. For that, I added a "Destination NAT" rule, with protocol TCP/UDP, any destination/port DOMAIN (53), redirect target IP - the IP of the pi-hole, target port DOMAIN (53), inverted source my pi-hole IP.
Now, queries to any DNS server outside the LAN show as "RDR" in the log, and appear in the pi-hole query log. But, the query result never makes it back to dig or nslookup, it always ends with ";; communications error to 1.1.1.1#53: timed out"
What am I missing here? Do I need a firewall rule?
Thank you.
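Added example, not code from the post or from OPNsense: a small model of the redirect described above that traces one query/reply round trip through the firewall. It assumes the client and the pi-hole share the same LAN subnet (constructed addresses) and compares a plain destination NAT against the same rule with source NAT added (what OPNsense does when NAT reflection with automatic outbound NAT is enabled on a port forward).

```python
from dataclasses import dataclass

# Constructed addresses: the client and the pi-hole sit on the same LAN subnet (assumption).
CLIENT, PIHOLE, FIREWALL_LAN, UPSTREAM = "192.168.1.50", "192.168.1.2", "192.168.1.1", "1.1.1.1"

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class DnsRedirect:
    """Models the destination-NAT rule: any port-53 packet not sent by the pi-hole
    is rewritten to the pi-hole. With snat=True the firewall also replaces the
    source with its own LAN address so the reply has to come back through it."""
    def __init__(self, snat: bool):
        self.snat = snat
        self.state = {}  # reply 4-tuple the firewall expects -> original query

    def forward(self, pkt: Packet) -> Packet:
        if pkt.dport != 53 or pkt.src == PIHOLE:
            return pkt  # rule does not match; normal forwarding
        out = Packet(FIREWALL_LAN if self.snat else pkt.src, pkt.sport, PIHOLE, 53)
        self.state[(out.dst, out.dport, out.src, out.sport)] = pkt
        return out

    def untranslate(self, reply: Packet):
        """Reverse the translation for a reply that actually reaches the firewall."""
        orig = self.state.get((reply.src, reply.sport, reply.dst, reply.dport))
        if orig is None:
            return None
        return Packet(orig.dst, orig.dport, orig.src, orig.sport)

def resolve(snat: bool) -> str:
    """Walk one query/reply round trip and report what the client's resolver sees."""
    fw = DnsRedirect(snat)
    query = Packet(CLIENT, 40000, UPSTREAM, 53)  # client asks 1.1.1.1, routed via the firewall
    seen_by_pihole = fw.forward(query)
    reply = Packet(PIHOLE, 53, seen_by_pihole.src, seen_by_pihole.sport)
    # Same-subnet delivery: the pi-hole sends its reply straight to the LAN host it is
    # addressed to; only a reply addressed to the firewall itself gets un-translated.
    delivered = fw.untranslate(reply) if reply.dst == FIREWALL_LAN else reply
    # The resolver accepts only a reply whose 4-tuple mirrors the query it sent.
    expected = (query.dst, query.dport, query.src, query.sport)
    if delivered and (delivered.src, delivered.sport, delivered.dst, delivered.dport) == expected:
        return "answer"
    return "timeout"  # reply discarded: it came from the pi-hole's address, not 1.1.1.1

if __name__ == "__main__":
    print("DNAT only:", resolve(False))   # timeout
    print("DNAT + SNAT:", resolve(True))  # answer
```

The DNAT-only case reproduces the symptom in the post: the pi-hole logs the query and answers, but the answer reaches the client from the pi-hole's address rather than from 1.1.1.1:53, so dig discards it and reports a timeout.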