PfSense Authorative Name Server of a subdomain

Question

I have PfSense running currently with DNS and DHCP but I recently purchased a domain name and now I would like to have PfSense be a name server for a sub-domain but internal only. Currently host names resolve as expected as HOSTNAME/ in a browser and I would like to keep that and have them resolve as HOSTNAME.subdomain.domain.tld and have everything else forwarded out, which it does currently.

score 0 · Answer 1 · answered Jun 07 '17 at 12:44

0

Yes, this is possible, but you need to install a new package. Go to System > Packages > Available Packages and download package dns-server or TinyDns and it will be added to Services menu.

In your use case you need to bind it to the LAN interface and use it also as a recursive DNS resolver for LAN, so that it serves both your local subdomain.example.com and does recursion to the rest. Then go to the New domain wizard and add domain subdomain.example.com.

As you wanted to have hostname.subdomain.example.com for your whole internal network, you might be interested in the two options for registering DHCP mappings & leases with the DNS server.

As you only use this locally you don't need to delegate control of the subdomain to your internal DNS server; it will believe it is the authoritative name server for this domain before it does any recursion.

answered Jun 07 '17 at 12:44

Esa Jokinen

46,944
3
83
129

I am using the default DNS and DHCP included with pfsense, I assume I have to disable the default DNS before doing what you have suggested? – Troy Osborne Jun 08 '17 at 11:51
If installing the alternative DNS server doesn't do this automatically, then yes. – Esa Jokinen Jun 08 '17 at 11:55
[2.3_Removed_Packages](https://doc.pfsense.org/index.php/2.3_Removed_Packages) dns-server was removed from the package manager for 2.3 I don't see Tiny-Dns in this list though, and I don't see it in the package manager. – Troy Osborne Jun 13 '17 at 20:55
I don't see Tiny-Dns in the list of available packages either: [Package_list](https://doc.pfsense.org/index.php/Package_list) – Troy Osborne Jun 13 '17 at 20:59
I see the bind package, but its description says GUI for Bind, and its [dependency](https://www.freshports.org/dns/bind-pfsense),bind-pfsense-9.11.1, has no port information – Troy Osborne Jun 13 '17 at 21:10

score 0 · Accepted Answer · answered Sep 01 '17 at 15:25

0

The built-in DHCP/DNS had an option for a domain name.

answered Sep 01 '17 at 15:25

Troy Osborne

106
1
13

PfSense Authorative Name Server of a subdomain

2 Answers2