Jump to content
Not connected, Your IP: 44.222.220.101
diver3923

DNS queries from pfSense?

Recommended Posts

This post was prompted by Air's announcement that US Netflix is working again when using their DNS servers.   Thanks for that effort!

 

I use pfSense and have it configured to use DNS Resolver through an AirVPN server.  All clients get their DNS from pfSense.  My understanding is that Resolver goes straight to the root servers and does not contact an external DNS server for queries.  In order to take advantage of the routing benefits of using Air DNS servers (such as getting US Netflix from European servers) should I be using DNS Forwarder instead of Resolver?  Does Resolver defeat the microrouting (not sure if that is the correct term) of the Air DNS servers?  ipleak.net shows only the AirVPN DNS server, but that might not matter if pfSense is going straight to the root servers. 

 

Thanks

Share this post


Link to post

This post was prompted by Air's announcement that US Netflix is working again when using their DNS servers.   Thanks for that effort!

 

I use pfSense and have it configured to use DNS Resolver through an AirVPN server.  All clients get their DNS from pfSense.  My understanding is that Resolver goes straight to the root servers and does not contact an external DNS server for queries.  In order to take advantage of the routing benefits of using Air DNS servers (such as getting US Netflix from European servers) should I be using DNS Forwarder instead of Resolver?  Does Resolver defeat the microrouting (not sure if that is the correct term) of the Air DNS servers?  ipleak.net shows only the AirVPN DNS server, but that might not matter if pfSense is going straight to the root servers. 

 

Thanks

 

 

I found all the DNS stuff to be overcomplicated.  So, I turned off resolver and forwarder and pass to my DHCP clients the DNS I want them to use.  That could be 10.4.0.1 (AirVPN DNS).  Then I use firewall rules to allow 10.4.0.1 and block all other DNS.  It simplified my life greatly.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...