I have a DNS server behind a pfsense box. The dns forwarder is enabled (I've tried disabling it.)

Without the forwarder, dns queries from behind the pfsense box don't resolve, not ever. With the forwarder dns queries resolve and the active directory works fine as the windows servers forward all their queries to the pfsense box and they are handled.

My problem is that there is an unrelated DNS server behind the pfSense machine that needs to answer to the outside world. I set up a virtual IP address (tried it all three ways) and set up a NAT rule to forward TCP/UDP on port 53 DNS to the server inside. TCP queries work, but UDP queries time out against the virtual address, but work fine on the actual address. Have I run into something?

WAN IP forwarded to inside server works both TCP and UDP.
Virtual IP forwarded to inside server works TCP.
Virtual IP forwarded to inside server fails UDP.

Most dns queries are udp except for dnssec, dkim and spf.

Any ideas?

I'm running a 1.2.3-RELEASE built nearly a year ago.

Thanks,
Curtis
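One way to reproduce the exact symptom in the post (TCP answers, UDP times out) from a host outside the firewall, as an added example that is not part of the original post or of pfSense: the script builds a raw DNS query, sends it once over UDP and once over TCP with the RFC 1035 length prefix, and reports which transport answered. `SERVER_IP` and `QUERY_NAME` are placeholders for the virtual IP and a name the inside server is authoritative for; `SAMPLE_RESPONSE` is a constructed reply used only to exercise the parser offline.

```python
import random
import socket
import struct

SERVER_IP = "192.0.2.10"    # placeholder: the pfSense virtual IP under test (assumption)
QUERY_NAME = "example.com"  # placeholder: a name the inside server answers for (assumption)


def encode_name(name):
    """Encode a dotted name as DNS labels."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return out + b"\x00"


def build_query(name, qtype=1, txid=None):
    """Minimal query: random id, RD set, one question, class IN."""
    if txid is None:
        txid = random.randint(0, 0xFFFF)
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, 1)


def decode_name(data, offset):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, end = [], None
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:  # compression pointer: follow it, remember where we left off
            if end is None:
                end = offset + 2
            offset = struct.unpack("!H", data[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), end if end is not None else offset


def parse_response(data, expected_id):
    """Parse header, questions and answers; reject a reply whose id does not match."""
    if len(data) < 12:
        raise ValueError("short DNS message")
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", data[:12])
    if txid != expected_id:
        raise ValueError("transaction id mismatch")
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(data, offset)
        qtype, _ = struct.unpack("!HH", data[offset:offset + 4])
        offset += 4
        questions.append((name, qtype))
    for _ in range(an):
        name, offset = decode_name(data, offset)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", data[offset:offset + 10])
        offset += 10
        rdata = data[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:  # A record: render the address
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, ttl, rdata))
    return {"is_response": bool(flags & 0x8000), "truncated": bool(flags & 0x0200),
            "rcode": flags & 0x000F, "questions": questions, "answers": answers}


def probe_udp(server_ip, name, timeout=2.0):
    """Send the query over UDP; None means no reply within the timeout."""
    txid = random.randint(0, 0xFFFF)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid=txid), (server_ip, 53))
        try:
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return None
    return parse_response(data, txid)


def probe_tcp(server_ip, name, timeout=2.0):
    """Same query over TCP with the two-byte length prefix; None on timeout or connect failure."""
    txid = random.randint(0, 0xFFFF)
    query = build_query(name, txid=txid)
    try:
        with socket.create_connection((server_ip, 53), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(query)) + query)
            prefix = s.recv(2)
            if len(prefix) < 2:
                return None
            (length,) = struct.unpack("!H", prefix)
            data = b""
            while len(data) < length:
                chunk = s.recv(length - len(data))
                if not chunk:
                    return None
                data += chunk
    except OSError:  # socket.timeout is a subclass of OSError
        return None
    return parse_response(data, txid)


def compare_transports(server_ip, name):
    """The check the post calls for: does each transport get an answer from this address?"""
    return {"udp": probe_udp(server_ip, name), "tcp": probe_tcp(server_ip, name)}


# Constructed reply for offline testing: id 0x1234, QR=1 RD=1 RA=1, one question, one A answer
# whose owner name is a compression pointer back to the question (offset 12).
SAMPLE_RESPONSE = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
                   + encode_name("example.com") + struct.pack("!HH", 1, 1)
                   + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1]))

if __name__ == "__main__":
    for transport, reply in compare_transports(SERVER_IP, QUERY_NAME).items():
        print(transport, "timeout" if reply is None else reply)
```

Run it against the WAN IP and then against the virtual IP: if UDP returns `timeout` only for the virtual address while TCP answers on both, the server itself is fine and the UDP path for that address (the NAT rule or its associated firewall rule) is where to look. The `truncated` flag is worth watching too: a resolver that gets TC=1 over UDP silently retries over TCP, so TCP-only reachability can mask a broken UDP path.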
