[pfSense Support] Re: pfSense tinydns package question

[Matias Surdi]

Mark R wrote:

Did you set up forwarding of requests to lo0 from the LAN?

Is tinydns configured to respond to queries from your subnet?

2009/6/19 Matias Surdi 
>


I've installed the TinyDNS package. It's listening on 127.0.0.1.
Then I've setup the DNS forwarder to resolve a certain domain
against the authoritative name server 127.0.0.1.

This doesn't work when making queries from the lan. The request gets
to the forwarder but then it's lost and there is no traffic on
lo0.Instead, if I do a DNS query from the pfSense box itself to
127.0.0.1 then there is traffic on lo0 and the DNS works Ok.

I think that there is any default pfSense rule prohibiting the traffic.


Is this the supposed way to work of TinyDNS and the forwarder or I'm
missing something?


Thanks!


-
To unsubscribe, e-mail:
support-unsubscr...@pfsense.com

For additional commands, e-mail:
support-h...@pfsense.com


Commercial support available - https://portal.pfsense.org






Yes, I've setup a rule to allow *everything* from the lan with 
destination port udp 53.


And no, I want tinyDNS to listen only in 127.0.0.1 and then the DNS 
Forwarder to forward request for just one subdomain.


When I setup an "external authoritative dns" for a subdomain on a lan 
ip, it works. When I change that IP to 127.0.0.1 the incomming request 
are sent to the ISP dns servers.




Is there any documentation on how is this supposed to work? The 
dns-server package replaces or complements the DNS Forwarder?


Can both be used in the way I'm trying?


What I want, is to have a domain, let's say: site.local and route all 
request to dev.site.local to TinyDNS, so that I can add or remove 
individual records on it.


Can this be done?


Many thanks for your help guys.


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

[pfSense Support] Re: pfSense tinydns package question

[Matias Surdi]

Scott Ullrich wrote:

On Fri, Jun 19, 2009 at 6:18 AM, Matias Surdi wrote:

I've installed the TinyDNS package. It's listening on 127.0.0.1. Then I've
setup the DNS forwarder to resolve a certain domain against the
authoritative name server 127.0.0.1.

This doesn't work when making queries from the lan. The request gets to the
forwarder but then it's lost and there is no traffic on lo0.Instead, if I do
a DNS query from the pfSense box itself to 127.0.0.1 then there is traffic
on lo0 and the DNS works Ok.

I think that there is any default pfSense rule prohibiting the traffic.


Is this the supposed way to work of TinyDNS and the forwarder or I'm missing
something?


Thanks!


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org




TinyDNS is not compatible with DNS Forwarder.   TinyDNS Is an
authoritative DNS server whereas DNS Forwarder is a caching lookup
server.

Scott

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org





That's all I needed to know. I think I'll end up setting up an external 
DNS and keep using th DNS Forwarder, and then forward all of my domain 
to that external DNS.


It's a pity that both systems can't work together.

Thanks for your help Scott.


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] Re: pfSense tinydns package question

[Mark R]

2009/6/19 Matias Surdi 

> Mark R wrote:
>
>> Did you set up forwarding of requests to lo0 from the LAN?
>>
>> Is tinydns configured to respond to queries from your subnet?
>>
>> 2009/6/19 Matias Surdi > matiassu...@gmail.com>>
>>
>>I've installed the TinyDNS package. It's listening on 127.0.0.1.
>>Then I've setup the DNS forwarder to resolve a certain domain
>>against the authoritative name server 127.0.0.1.
>>
>>This doesn't work when making queries from the lan. The request gets
>>to the forwarder but then it's lost and there is no traffic on
>>lo0.Instead, if I do a DNS query from the pfSense box itself to
>>127.0.0.1 then there is traffic on lo0 and the DNS works Ok.
>>
>>I think that there is any default pfSense rule prohibiting the traffic.
>>
>>
>>Is this the supposed way to work of TinyDNS and the forwarder or I'm
>>missing something?
>>
>>
>>Thanks!
>>
>>
>>-
>>To unsubscribe, e-mail:
>>support-unsubscr...@pfsense.com
>>
>>For additional commands, e-mail:
>>support-h...@pfsense.com
>>
>>
>>Commercial support available - https://portal.pfsense.org
>>
>>
>>
>
>
> Yes, I've setup a rule to allow *everything* from the lan with destination
> port udp 53.


you allow traffic. But do you rdr it? Otherwise how will it get
to 127.0.0.1 port 53
 I think this is why it works locally and on the pfsense box and
not for the LAN.

>
>



>
>
> And no, I want tinyDNS to listen only in 127.0.0.1 and then the DNS
> Forwarder to forward request for just one subdomain.


 I might be wrong. Long time since I set it up. But I think
tinydns needs to be told
 respond to dns queries from your LAN, otherwise it will ignore
them.

>
>
> When I setup an "external authoritative dns" for a subdomain on a lan ip,
> it works. When I change that IP to 127.0.0.1 the incomming request are sent
> to the ISP dns servers.
>
>
>
> Is there any documentation on how is this supposed to work? The dns-server
> package replaces or complements the DNS Forwarder?
>
> Can both be used in the way I'm trying?
>
>
> What I want, is to have a domain, let's say: site.local and route all
> request to dev.site.local to TinyDNS, so that I can add or remove individual
> records on it.
>
> Can this be done?
>
>
> Many thanks for your help guys.
>
>
>
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>