
DNS Tools: Configuring DNS Forwarding in pfSense
October 6, 2013 by maximumdx 1 Comment
DNS Forwarding: A Useful DNS Tool
A DNS forwarder is a DNS tool which enables a network to skip the normal DNS resolution
process and instead forward certain DNS requests to specified DNS servers, asking them to do
the resolution work for it. Under pfSense, the DNS forwarder allows pfSense to act as a DNS
server with a number of different features. It is a useful DNS tool in that it allows pfSense to
resolve DNS requests using hostnames obtained by DHCP service, static DHCP mappings, or
manually entered information. The DNS forwarder can also forward all DNS requests for a
particular domain to a server specified manually.
DNS Tools: Configuring Common DNS Forwarding Options

Configuring DNS forwarding in pfSense 2.1
Like most DNS tools, some configuration is required. To configure the DNS forwarder, first
navigate to Services -> DNS Forwarder. Check the Enable DNS forwarder check box. If
you check Register DHCP leases in DNS forwarder, then machines that specify their
hostname when requesting a DHCP lease will be registered in the DNS forwarder, so that their
name can be resolved (these are the hosts that appear in the list at Status -> DHCP Leases or, if
it is an IPv6 address, DHCPv6 Leases). If Register DHCP static mappings in DNS
Forwarder is checked, then DHCP static mappings will be registered in the DNS forwarder
(these hosts are found by navigating to Services -> DHCP Server and scrolling down to
DHCP Static Mappings for this interface).


At Host Overrides (near the bottom of the page), specify individual hosts to be served as DNS
records by clicking the plus button to add a record. Devices in this list are checked first, so
even if a record exists elsewhere, the record here takes precedence and is immediately returned.
Scrolling even further down the page and just below Host Overrides, you will see the
Domain Overrides section. Here you can specify a DNS server for a particular domain by
clicking the plus button to add a record. These records are checked immediately after the
individual records defined above. Thus, a match here will take precedence over records that
may exist elsewhere.
Configuring Additional Options

Additional options of the DNS Forwarder under pfSense 2.1
As with most DNS tools, there are some other options available. If you check Resolve DHCP
mappings first, then DHCP mappings will be resolved before the list specified in Host
Overrides. This only affects the name given for a reverse lookup. As of pfSense 2.1, the DNS
Query Forwarding subsection contains three options. Checking Query DNS servers
sequentially causes the pfSense DNS Forwarder (dnsmasq) to query the DNS servers sequentially
in the order specified at System -> General Setup under the DNS Servers tab, rather than all at
once in parallel. Checking the Require domain checkbox will prevent DNS Forwarder from
forwarding A or AAAA queries for plain names (without dots or domain parts) to upstream
name servers. If the name is not known from /etc/hosts or DHCP, then a not found answer is
returned. Finally, checking Do not forward private reverse lookups prevents DNS forwarder
from forwarding reverse DNS lookups for private addresses (those defined as such in RFC 1918)
to upstream name servers. Any entries in the Domain Overrides section forwarding
n.n.n.in-addr.arpa private names to a specific server are still forwarded. If the IP to name is not known
from /etc/hosts, DHCP or a specific domain override, then a not found answer is returned.
At Listen Port, you can specify a port used for responding to DNS queries (the default is 53),
which is useful if another service needs to bind to TCP/UDP port 53. Under Interfaces, you
can choose the IPs that will be used by the DNS Forwarder for responding to queries from
clients. The default behavior is to respond to queries on every available IPv4 and IPv6 address.
Each interface is listed twice (e.g. WAN and WAN IPv6 Link-Local), so you can limit
responses to those clients on a specific interface or clients on a specific interface with an IPv6
address. Localhost is also an option. If you check Strict Interface Binding, the DNS
Forwarder will only bind to the interfaces containing the IP addresses selected in the
Interfaces list box. This option does not work with IPv6. Finally, under Advanced you can
enter any additional options you would like to add to the dnsmasq configuration, separated by a
space or newline.
When you're done configuring options in this section, press the Save button to save the
changes, and on the next screen, press the Apply changes button.
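To make the lookup order and the two forwarding filters concrete, here is a small Python model of the behaviour described in this section and in the Host Overrides / Domain Overrides section above. It is an added example, not pfSense or dnsmasq code: the hostnames, addresses and upstream servers are constructed sample data, and the mapping from GUI labels to dnsmasq directives in dnsmasq_directives() is my own reading of dnsmasq's documented options (host-record, server=/domain/, domain-needed, bogus-priv, strict-order, all-servers, port), not the configuration pfSense itself generates.

```python
"""Model of the pfSense DNS Forwarder lookup order and filters described in the article.
Added illustration only (not pfSense/dnsmasq code); all names and addresses are constructed."""
import ipaddress
from dataclasses import dataclass, field
from typing import Optional, Tuple

# RFC 1918 blocks, used by the "Do not forward private reverse lookups" check
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass
class ForwarderConfig:
    host_overrides: dict = field(default_factory=dict)    # Host Overrides: name -> IPv4
    domain_overrides: dict = field(default_factory=dict)  # Domain Overrides: domain -> server
    dhcp_leases: dict = field(default_factory=dict)       # registered DHCP names: name -> IPv4
    upstream: list = field(default_factory=list)          # System -> General Setup DNS servers
    require_domain: bool = False           # "Require domain"
    no_private_reverse: bool = False       # "Do not forward private reverse lookups"
    query_sequentially: bool = False       # "Query DNS servers sequentially"
    dhcp_first_for_reverse: bool = False   # "Resolve DHCP mappings first" (reverse lookups only)
    listen_port: int = 53                  # "Listen Port"


def ptr_name(ip: str) -> str:
    """in-addr.arpa name for an IPv4 address: 192.168.1.20 -> 20.1.168.192.in-addr.arpa."""
    return ipaddress.IPv4Address(ip).reverse_pointer


def is_private_reverse(qname: str) -> bool:
    """True if a full or partial in-addr.arpa name falls inside an RFC 1918 block."""
    suffix = ".in-addr.arpa"
    if not qname.endswith(suffix):
        return False
    octets = qname[: -len(suffix)].split(".")[::-1]      # reverse back to address order
    if len(octets) > 4:
        return False
    try:  # pad a partial name such as 168.192.in-addr.arpa to 192.168.0.0
        addr = ipaddress.IPv4Address(".".join(octets + ["0"] * (4 - len(octets))))
    except ValueError:
        return False
    return any(addr in net for net in RFC1918)


def _domain_override(cfg: ForwarderConfig, qname: str) -> Optional[str]:
    """Server from the longest matching Domain Overrides entry, if any."""
    for domain in sorted(cfg.domain_overrides, key=len, reverse=True):
        if qname == domain or qname.endswith("." + domain):
            return cfg.domain_overrides[domain]
    return None


def _local_ptr(cfg: ForwarderConfig, qname: str) -> Optional[str]:
    """Name for a reverse query from Host Overrides / DHCP, honouring 'Resolve DHCP mappings first'."""
    tables = ([cfg.dhcp_leases, cfg.host_overrides] if cfg.dhcp_first_for_reverse
              else [cfg.host_overrides, cfg.dhcp_leases])
    for table in tables:
        for name, ip in table.items():
            if ptr_name(ip) == qname:
                return name
    return None


def resolve(cfg: ForwarderConfig, qname: str, qtype: str = "A") -> Tuple[Optional[str], str]:
    """Return (answer, where it came from) following the order the article describes."""
    qname = qname.rstrip(".").lower()
    if qtype == "PTR":
        local = _local_ptr(cfg, qname)
        if local:
            return local, "local"
    elif qname in cfg.host_overrides:                 # Host Overrides are checked first
        return cfg.host_overrides[qname], "host-override"
    server = _domain_override(cfg, qname)             # then Domain Overrides
    if server:
        return f"forwarded to {server}", "domain-override"
    if qtype != "PTR" and qname in cfg.dhcp_leases:   # then names learned from DHCP
        return cfg.dhcp_leases[qname], "dhcp"
    # Filters that stop a query before it reaches the upstream servers
    if cfg.require_domain and qtype in ("A", "AAAA") and "." not in qname:
        return None, "not-found (Require domain)"
    if cfg.no_private_reverse and qtype == "PTR" and is_private_reverse(qname):
        return None, "not-found (Do not forward private reverse lookups)"
    how = "in order" if cfg.query_sequentially else "in parallel"
    return f"forwarded upstream {how} to {', '.join(cfg.upstream)}", "upstream"


def dnsmasq_directives(cfg: ForwarderConfig) -> list:
    """Equivalent dnsmasq.conf lines (my mapping of the GUI labels; DHCP names need no directive)."""
    lines = [f"port={cfg.listen_port}"]
    lines += [f"host-record={n},{ip}" for n, ip in cfg.host_overrides.items()]
    lines += [f"server=/{d}/{s}" for d, s in cfg.domain_overrides.items()]
    lines += [f"server={s}" for s in cfg.upstream]
    if cfg.require_domain:
        lines.append("domain-needed")
    if cfg.no_private_reverse:
        lines.append("bogus-priv")
    lines.append("strict-order" if cfg.query_sequentially else "all-servers")
    return lines


# Constructed sample configuration (documentation-range upstream addresses)
SAMPLE = ForwarderConfig(
    host_overrides={"printer.home.lan": "192.168.1.20"},
    domain_overrides={"corp.example": "192.168.50.2", "2.168.192.in-addr.arpa": "192.168.50.2"},
    dhcp_leases={"laptop.home.lan": "192.168.1.42", "laptop": "192.168.1.42"},
    upstream=["203.0.113.53", "198.51.100.53"],
    require_domain=True, no_private_reverse=True, query_sequentially=True,
)

if __name__ == "__main__":
    for q, t in [("printer.home.lan", "A"), ("mail.corp.example", "A"), ("intranet", "A"),
                 ("7.2.168.192.in-addr.arpa", "PTR"), ("9.16.172.in-addr.arpa", "PTR")]:
        print(f"{t:3} {q:28} -> {resolve(SAMPLE, q, t)}")
    print("\n".join(dnsmasq_directives(SAMPLE)))
```

Note how the sample reproduces the precedence the text spells out: the Domain Override for 2.168.192.in-addr.arpa is still forwarded even though Do not forward private reverse lookups is on, while a reverse query for an unlisted 172.16.x.x address gets a not-found answer instead of leaking to the upstream servers, and the plain name "laptop" is answered from DHCP despite Require domain because it is locally known.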
