DNS issues with Pfsense

BobbyJoe · April 19, 2022, 11:30pm

Pretty new to Pfsense, I tried setting up a Host Overrides setting within DNS but it does not appear to be working for connected devices. I have cleared DNS cache on the client. I also checked that the system is set to do local DNS lookups but that did not help either.

Any clues or hints what I can try and test ?

Tmi · April 19, 2022, 11:43pm

Here’s a write up that Tom did for DNS Host Overrides pfsense DNS Host Overrides - YouTube

BobbyJoe · April 20, 2022, 12:17am

Thanks Tmi, been reading the manual but let me see what Tom has to say about it

BobbyJoe · April 20, 2022, 9:21pm

Well I think it just took some time for the cache to expire as it did not work last night even after flushing my DNS cache but it is now working.

One other strange thing that I am trying to “resolve” is why PFsense is not resolving dishy.starlink.com.
See the example from google DNS and then Pfsense

>nslookup dishy.starlink.com. 8.8.8.8
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    dishy.starlink.com
Address:  192.168.100.1  <- this is correct as it should be on my network


>nslookup dishy.starlink.com.
Server:  pfsense.home.mydomain.com
Address:  10.10.10.1

Name:    dishy.starlink.com
Served by:
- ns51.domaincontrol.com

          starlink.com
- ns52.domaincontrol.com

          starlink.com

Tmi · April 21, 2022, 12:40am

You need to enable DNS Query Forwarding so that those queries can go to your upstream DNS servers. See Services — DNS Resolver — DNS Resolver Configuration | pfSense Documentation and Services — DNS Resolver — DNS Resolver Mode | pfSense Documentation for more information.

BobbyJoe · April 21, 2022, 1:29am

Thanks for staying with me Tmi

I have set DNS Query Forwarding to “Enable Forwarding Mode” already but was still getting the strange response. Is there a flush DNS cache option in Pfsense. I normally clear windows dns cache but should I also do that for Pfsense when I am testing things ?

Tmi · April 21, 2022, 1:55am

Yeah you can flush the DNS in pfSense. I do find it a bit odd though that you have it enabled but still have the issue. It could be a DNS Firewall rule issue that’s preventing it. But try flushing the DNS cache. Go to Status → Services and find the unbound and click restart. For reference see Troubleshooting — Troubleshooting the DNS Cache | pfSense Documentation