The pfSense Store

Author Topic: dnscache part of dnserver is totally broken ?  (Read 7066 times)

0 Members and 1 Guest are viewing this topic.

Offline GLR

  • Jr. Member
  • **
  • Posts: 49
  • Karma: +0/-0
    • View Profile
    • tech blog (fr)
dnscache part of dnserver is totally broken ?
« on: June 22, 2011, 05:36:56 am »
I've installed dns-server (Beta 1.0.6.16) on 2.0 RC3 and it seems at least dnscache doesn't work correctly :

It stays defined as DNS forward : /var/etc/dnscache0/env/FORWARDONLY exists
While no upstream NS is defined : /var/etc/dnscache0/root/servers/@ is empty, whereas it should contain the upstream NS in forwarder mode and the root servers in resolver mode.
(I am not sure though that the forwarder mode is currently supposed to be supported ?)
Additionally :
- /var/etc/dnscache0/env/IP contains only the binding IP (usually LAN's one) while AFAIK it should contains the allowed source subnets
- /var/etc/dnscache0/env/IPSEND contains 0.0.0.0

Is it totally broken or ?
« Last Edit: June 22, 2011, 05:41:00 am by GLR »

Offline akula169

  • Jr. Member
  • **
  • Posts: 53
  • Karma: +0/-0
  • yay for pfSense!
    • View Profile
Re: dnscache part of dnserver is totally broken ?
« Reply #1 on: August 21, 2011, 04:48:14 pm »
Seems like it is.  I had to patch the heck out of it to make it work on RC1.

I can't get it to work at all on RC3

Offline roja

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-0
    • View Profile
Re: dnscache part of dnserver is totally broken ?
« Reply #2 on: September 22, 2011, 04:05:39 pm »
Seems like it is.  I had to patch the heck out of it to make it work on RC1.

I can't get it to work at all on RC3

This post is old but why use the built in Dns. The built in Dns is a forwarder not a cache. You need to install "unbound", it's alot faster and acts as a  DNS cache. You firewall will do direct DNS  qwery's. Very good and does not limit you to your ISP's DNS scope.

Offline akula169

  • Jr. Member
  • **
  • Posts: 53
  • Karma: +0/-0
  • yay for pfSense!
    • View Profile
Re: dnscache part of dnserver is totally broken ?
« Reply #3 on: September 22, 2011, 04:09:09 pm »
I was previously using dns-server to do proper reverse lookup mapping and MX destinations - dnscache is just something that came along with that package...

Now that you can add your own options to the Advanced section of the built-in, it is working much better for me.