Feature #14208: Automatic Split-DNS for 1:1 NAT - pfSense - pfSense bugtracker

Actions

Copy link

Feature #14208

open

Automatic Split-DNS for 1:1 NAT

Added by Yehuda Katz about 1 year ago. Updated about 1 month ago.

Status:

Pull Request Review

Priority:

Normal

Assignee:

Jim Pingle

Category:

DNS Resolver

Target version:

2.8.0

Start date:

Due date:

% Done:

Estimated time:

Plus Target Version:

24.07

Release Notes:

Default

Description

There is a well-known challenge of dealing with accessing public IP addresses from inside the network. The two existing solutions are NAT reflection and split DNS, each of which has its own challenges. Unbound and dnsmasq both support rewriting IP addresses in returned results.

In unbound, this is done using the `respip` module.

In dnsmasq, this is done using the `alias` option.

The pull request I am working on will allow automatically building the unbound respip configuration using the 1:1 NAT configuration.

I tested this code on a firewall running 2.6.0-RELEASE and I believe I made all the necessary changes to make it work in the `master` branch, but I haven't tested that.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Feature #14208

Automatic Split-DNS for 1:1 NAT

Updated by Yehuda Katz about 1 year ago

Updated by Jim Pingle 9 months ago

Updated by Jim Pingle 8 months ago

Updated by Jim Pingle 7 months ago

Updated by Jim Pingle about 2 months ago

Updated by Yehuda Katz about 2 months ago

Updated by Yehuda Katz about 1 month ago