pfsense:dns:forward_a_specific_vlan
PFSense - DNS - Forward a specific VLAN
Navigate to Services → DNS Resolver.
Add the following to the Custom Options.
server:
access-control-view: 192.168.10.0/24 bypass
access-control-view: 192.168.20.0/24 dnsbl
access-control-view: 192.168.30.0/24 forward
view:
name: "bypass"
view-first: yes
view:
name: "dnsbl"
view-first: yes
include: /var/unbound/pfb_dnsbl.*conf
view:
name: "forward"
view-first: yes
forward-addr: 1.1.1.1
forward-addr: 8.8.8.8
NOTE: The forward view forwards requests to a couple of DNS servers on the Internet.
- forward-addr: the list of nameservers to forward the queries to.
- Unbound implements RFC2988 https://tools.ietf.org/html/rfc2988 for SRTT (smoothed round-trip time).
- Unbound keeps track of the round-trip time per address and uses this information in the server selection.
- All addresses with an RTT of not more than 400msec above the lowest RTT are used for the selection.
- From this list of suitable addresses one is randomly picked.
References
pfsense/dns/forward_a_specific_vlan.txt · Last modified: 2022/10/08 08:48 by peter