Author Topic: Just cannot get tinydns to work...  (Read 2027 times)
p0ddie
« on: February 18, 2011, 10:06:23 am »

Hi,

I can't get tinyDNS to work as my internal DNS server, no matter how hard I try. I deleted and re-added the package, tried with different domains... no luck.

2.0BETA5, build 16th of February.

Here's what I set up:

- installed tinyDNS package
- deactivated DNS forwarder
- under general prefs, set the DNS IP to the IP of pfsense (192.168.1.1), gave my appliance the hostname it will use later: pfsense.domain.internal

- Used the tinyDNS wizard to set up the domain domain.internal
- the wizard added domain.internal as SOA, I added pfsense.domain.internal as A record with IP 192.168.1.1 and as NS record
- put the listening ip of tinydns to 127.0.0.1, listen to LAN and loopback (tried WAN, too)
- put in a firewall rule to allow all LAN traffic on UDP 53 (DNS)
- started the service, restarted the appliance

Interestingly, in the tinyDNS log I saw stuff it tried to resolve like "www.google.com.domain.internal".

I am not that experienced with tinyDNS or pfsense, but I am quite sure I set up everything correctly...

What can I do?
firewold
« Reply #1 on: February 20, 2011, 11:31:04 am »

Should be listening on LAN and no port 53 open needed. Be sure to untick allow DNS server to be overridden in General settings.
Gloom
« Reply #2 on: February 21, 2011, 11:11:15 am »

You do need to set up a port forward for port 53 from the LAN IP address (assuming internal DNS) through to the loopback address you bound TinyDNS to.
You might also need a firewall rule to permit UDP traffic through to loopback on port 53.

For testing, try running the following on any Unix/Linux box on your network:

dig @192.168.1.1 "Whatever your Domain" any

That should return all the stuff you have set up.

Never underestimate the power of human stupidity
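
Added example, not part of the thread or of any poster's reply: the dig test from Reply #2 as a small Python script that sends the same ANY query over UDP and reads the reply header, so that "no reply", "refused" and "authoritative answer" can be told apart. The server IP and domain are the ones given in the thread; the function names are illustrative.

```python
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
QTYPE_ANY = 255  # same query type as "dig ... any"

def build_query(name, qtype=QTYPE_ANY, txid=0x1234):
    """Encode a one-question DNS query with all header flags clear."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def parse_header(reply):
    """Decode the 12-byte DNS header of a reply."""
    if len(reply) < 12:
        raise ValueError("short DNS reply")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    code = flags & 0x000F
    return {"txid": txid,
            "is_response": bool(flags & 0x8000),    # QR bit
            "authoritative": bool(flags & 0x0400),  # AA bit
            "rcode": RCODES.get(code, str(code)),
            "answers": an}

def diagnose(hdr):
    """Turn the header fields into a one-line verdict."""
    if hdr["rcode"] == "NOERROR" and hdr["authoritative"] and hdr["answers"] > 0:
        return "ok: authoritative answer"
    if hdr["rcode"] == "NXDOMAIN":
        return "server is reachable but has no such name"
    return "reachable, but not answering authoritatively (%s)" % hdr["rcode"]

def check(server, name, timeout=2.0):
    """Send the query to UDP port 53 and report what came back, if anything."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        try:
            reply, _ = s.recvfrom(4096)
        except socket.timeout:
            return "no reply within timeout"
    return diagnose(parse_header(reply))

if __name__ == "__main__":
    # Server and domain as named in the thread.
    print(check("192.168.1.1", "domain.internal"))
```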
firewold
« Reply #3 on: February 21, 2011, 01:43:42 pm »

There must be something wrong with my settings. Port 53 is explicitly blocked in my system and TinyDNS is still working.
Gloom
« Reply #4 on: February 22, 2011, 03:13:34 am »

Odd, as the default LAN rule only allows traffic on ports 80 and 22. Can your LAN computers make DNS requests outside of the network, e.g. OpenDNS 208.67.222.222?
If so, your rules are wrong or in the wrong order.