Do I need to run my own DNS server?

I have a question I was hoping the community could help me with.

I am trying to find a solution to my issue with traffic routing.

The issue

I want to use FQDNs for my various homelab services without the requests leaving my network. For example, my Nextcloud is running at https://cloud.example.com and I want to continue to use that so that I can leave the FQDN in my client configurations so it will work when I am not on my LAN, but when I am on the LAN I want that to be resolved locally by the network to be able to leverage local network speeds (gigabit).

Is running my own DNS server the solution, or is there some easy way to do this in pfSense?

Thank you for your time.

1 Like

Have you run a traceroute to verify your traffic is leaving the local network? The DNS query probably does leave the local network though, but maybe not often depending on how long the local cache lasts.

good option

1 Like

Would that be on Gravity’s laptop, so they switch between “home” mode and “away” mode?
Or is the hosts file on the pfSense box, so it routes the FQDN address locally first?

1 Like

user device

1 Like

Saying that, I wonder how those NAS boxes do it, where one just enters “synology.com” or “dlink.com” and it routes to the local machine.
But then again, it would help if I could remember some of the actual companies that do this…

Easy way to find out: Wireshark is free.

1 Like

I know it’s leaving my network because uploads/downloads are being throttled to my ISP speeds.

I want this to be transparent to my devices so I don’t have to modify the hosts file. Like for my cell phone.

1 Like

I use IPv6 and publish my AAAA records publicly. I think it works great. A firewall limits incoming connections from outside.

my traffic flow is kinda like this:

Internet -> HAProxy (Linode VPS) -> pfSense WAN -> HAProxy (SSL termination for *.example.com) -> services

Then a DNS server is your only option; pfSense should have a DNS server built in.

1 Like

So I guess what I need is this then huh?

https://docs.netgate.com/pfsense/en/latest/services/dns/wildcards.html

Yeah, and make sure pfSense is configured to be the first DNS server in its list, then you should be all set. That’s the kind of thing I would forget and then be confused about why it’s not working. :neutral_face:

You could do 2 things.

Run a local domain under the same name as the external domain.
So your domain would be example.com in your dhcp server or set up on the host itself.
All you have to do then is change the hostname of the server to cloud or something else you want it to resolve to.

The other thing you could do, and that is what I do myself too, is to make a host override inside the DNS server on pfSense.
See the link below on how to do that:
https://docs.netgate.com/pfsense/en/latest/services/dns/resolver.html#dns-host-overrides
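An added example, not posted by anyone in this thread and not pfSense's own code, to make the host-override suggestion above and the "is pfSense actually the first resolver" point concrete. The first function emits the Unbound directives that a pfSense DNS Resolver host override corresponds to (pfSense generates the Unbound config from the GUI, so this is for understanding the override, not for pasting into the box; the `transparent` zone type is what keeps names without an override resolving upstream, which matters when the same domain is public). The second part classifies a `dig +short` style answer as LAN or public, so a client can check whether the override is in effect or whether it is still hairpinning out to the WAN. The hostnames, zone and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: Unbound local-data equivalent of a pfSense host override,
# plus a LAN-vs-public check for what a client actually resolves.
# All names and addresses here are constructed.

# Print Unbound directives for "host ip" pairs read from stdin, under $1 (zone).
# "transparent": names in the zone without local-data are still sent upstream.
gen_override_conf() {
    zone="$1"
    printf 'server:\n'
    printf '  local-zone: "%s." transparent\n' "$zone"
    while read -r host ip; do
        [ -z "$host" ] && continue
        printf '  local-data: "%s.%s. IN A %s"\n' "$host" "$zone" "$ip"
        printf '  local-data-ptr: "%s %s.%s"\n' "$ip" "$host" "$zone"
    done
}

# Return 0 if the IPv4 address is in an RFC 1918 private range.
is_private_ipv4() {
    case "$1" in
        10.*) return 0 ;;
        192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# Classify a whitespace-separated answer (as from "dig +short A name"):
#   lan    - every A record is private (override in effect)
#   public - every A record is public  (query went upstream, traffic hairpins)
#   mixed  - both kinds present
#   none   - no A records at all
# Non-IPv4 tokens (e.g. a CNAME target printed by dig) are ignored.
classify_answer() {
    priv=0; pub=0
    for ip in $1; do
        case "$ip" in *[!0-9.]*) continue ;; esac
        if is_private_ipv4 "$ip"; then priv=$((priv + 1)); else pub=$((pub + 1)); fi
    done
    if [ "$priv" -gt 0 ] && [ "$pub" -eq 0 ]; then echo lan
    elif [ "$pub" -gt 0 ] && [ "$priv" -eq 0 ]; then echo public
    elif [ "$priv" -eq 0 ] && [ "$pub" -eq 0 ]; then echo none
    else echo mixed
    fi
}

# On a real LAN client, feed dig output in, once against the pfSense resolver
# and once against the client's default resolver; both should say "lan":
#   classify_answer "$(dig +short A cloud.example.com @192.168.1.1)"
#   classify_answer "$(dig +short A cloud.example.com)"

# Constructed sample run.
printf 'cloud 192.168.1.10\nmedia 192.168.1.11\n' | gen_override_conf example.com
classify_answer "192.168.1.10"   # lan
classify_answer "203.0.113.5"    # public
```

If the second `dig` (no `@server`) reports `public` while the first reports `lan`, the override is fine but the client is not using pfSense as its resolver, which is the "first DNS server in the list" mistake mentioned above; the same check also shows whether an IPv6 AAAA answer is being returned instead, since that path is not covered by an A-record override.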