Any help appreciated; I have a pfSense router and an OpenVPN connection to PIA. I have some selective routes set up; however, the DNS was always meant to go through the PIA interface.

I noticed today, however, that isn't the case even though you select the interface. It seems to fall back to WAN if it wants.

Does anyone have any ideas to stop this happening? (I also think unbound doesn't detect when the connection goes up and swap over.)

I've played around with setting up a firewall route to block DNS port 53 on WAN; however, it appears to block the DNS even when it is going through the PIA interface.

Another option would be to use unbound in forwarding mode, but I don't know any decent DNS servers with SSL encryption (if anyone has any).

I use forwarding with SSL over WAN, as it's just more reliable and you don't have to worry about pfSense not being able to resolve the VPN domain when the VPN is down.

These are the servers I use; I think they're Cloudflare and Quad9.
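An added example of the forwarding-over-TLS setup this reply describes (not configuration from the thread or from pfSense itself): the unbound directives behind it, in the form pfSense's DNS Resolver "Custom options" box accepts. The Cloudflare and Quad9 DNS-over-TLS addresses and the certificate bundle path are assumptions, since the poster's server list did not survive on the page.

```conf
# Added example, not from the thread. Assumed: pfSense's CA bundle lives at
# /etc/ssl/cert.pem and the upstreams are the public Cloudflare and Quad9
# DNS-over-TLS endpoints on port 853.
server:
    # Unbound needs a CA bundle to verify the upstream's certificate.
    tls-cert-bundle: "/etc/ssl/cert.pem"

# Weak form: plain UDP/53 forwarding. Queries are readable and spoofable
# on whichever interface they leave from.
#forward-zone:
#    name: "."
#    forward-addr: 1.1.1.1
#    forward-addr: 9.9.9.9

# Corrected form: TLS to port 853. The "#hostname" suffix pins the name the
# upstream certificate is checked against, so a forged resolver fails.
forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 1.1.1.1@853#cloudflare-dns.com
    forward-addr: 1.0.0.1@853#cloudflare-dns.com
    forward-addr: 9.9.9.9@853#dns.quad9.net
    forward-addr: 149.112.112.112@853#dns.quad9.net
```

This only changes the transport to the upstream resolvers; which interface the queries leave on is still decided by the Outgoing Network Interfaces setting and the routing table, which is the fallback behaviour the original question is about.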

