HOWTO - Redirect all DNS Requests to Opnsense
Wired Life:
I'm trying to redirect to a DNS server inside the LAN with this rule,
but it doesn't work :(
Please help.
P-Kalk:
Thank you, tested with nslookup and it works great.
GDixon:
From chris42:
--- Quote ---How would this work on IPv6? I tried to mimic the NAT rules for IPv6, however then the DNS queries fail completely
--- End quote ---
Excellent question: what would be the destination for IPv6, or what is the equivalent to 127.0.0.1 for IPv6?
Would it be ::1 for the loopback, like 127.0.0.1 is for the IPv4 loopback?
Ciprian:
Also, pay attention to non-standard DNS ports used by public DNS servers, ports like 5353, 9953 and the like... And for DNS-over-TLS the standard port is 853.
A really tech-savvy user will bypass your forced DNS redirection anyway!
p1n0ck10:
--- Quote from: GDixon on November 26, 2018, 05:20:07 am --- From chris42:
--- Quote ---How would this work on IPv6? I tried to mimic the NAT rules for IPv6, however then the DNS queries fail completely
--- End quote ---
Excellent question: what would be the destination for IPv6, or what is the equivalent to 127.0.0.1 for IPv6?
Would it be ::1 for the loopback, like 127.0.0.1 is for the IPv4 loopback?
--- End quote ---
Normally ::1 is the IPv6 localhost address. I had to configure the IPv6 address of the interface (I created an alias) instead of ::1 in the NAT rule, and then it works. The clients resolve DNS records even when using their own IPv6 DNS servers.
I tested this with my Android phone, which has the app DNSChanger installed:
https://play.google.com/store/apps/details?id=com.frostnerd.dnschanger
With this app you can use other DNS servers. With the IPv6 DNS NAT rule you can still resolve your own DNS records from the Override tab of Unbound DNS. Normally, when using an external DNS server, you can't resolve internal DNS records.
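
Added example, not part of the original thread: a small Python check for the bypass paths raised in the posts above. It flags client flows to ports 53, 853, 5353 and 9953 that do not go to the local resolver, for both IPv4 and IPv6. The log layout, the sample addresses and the name `find_dns_bypass` are assumptions made for this example.

```python
import ipaddress

# Ports named in the thread: 53 (plain DNS), 853 (DNS-over-TLS),
# 5353 and 9953 (non-standard ports some public resolvers offer).
REASONS = {
    53: "plain DNS not sent to the local resolver",
    853: "DNS-over-TLS",
    5353: "non-standard DNS port",
    9953: "non-standard DNS port",
}

# Constructed sample records: "time proto source destination dest_port".
# This layout is an assumption for the example, not OPNsense's log format.
SAMPLE_LOG = """\
10:00:01 udp 192.168.1.50 192.168.1.1 53
10:00:02 udp 192.168.1.51 198.51.100.53 53
10:00:03 tcp 192.168.1.52 203.0.113.8 853
10:00:04 udp 192.168.1.53 224.0.0.251 5353
10:00:05 udp fd00::50 fd00:0:0:0:0:0:0:1 53
10:00:06 udp fd00::51 2001:db8::53 9953
10:00:07 tcp 192.168.1.50 192.0.2.10 443
"""

def find_dns_bypass(log_text, resolver_addrs):
    """Return (source, destination, port, reason) for flows that avoid the resolver."""
    resolvers = {ipaddress.ip_address(a) for a in resolver_addrs}
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip blank or malformed records
        _time, _proto, src, dst, port = fields
        try:
            dst_ip, dport = ipaddress.ip_address(dst), int(port)
        except ValueError:
            continue
        # Not a bypass: other ports, mDNS (5353 to a multicast group), or the
        # local resolver itself. Parsed addresses make fd00::1 equal its long form.
        if dport not in REASONS or dst_ip.is_multicast or dst_ip in resolvers:
            continue
        findings.append((src, str(dst_ip), dport, REASONS[dport]))
    return findings

if __name__ == "__main__":
    # Resolver addresses here are the constructed LAN interface addresses.
    for finding in find_dns_bypass(SAMPLE_LOG, ["192.168.1.1", "fd00::1"]):
        print(*finding, sep="  ")
```
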