Configure pfSense to Use Public DNS Servers

Configure pfSense to Use Public DNS Servers

comments

There's multiple reasons for wanting to use public DNS servers. Your ISP's DNS servers might be unreliable or slow. Your ISP might redirect invalid domains to advertising pages. And depending on your country, they might even block you from going to certain websites. Or maybe you're just looking to use DNS servers that support DNSSEC.

Whatever your reason is, configuring the use of public DNS servers in pfSense is quite easy. Read this guide and find out how.

Log into pfSense

Open your web browser and log into your pfSense system

pfsense-sign-in-page

Pick Your DNS Servers

Now you'll need to decide which DNS servers you'll be using.

Here's a few popular open DNS servers:

  • Cloudflare
    Primary: 1.1.1.1
    Secondary: 1.0.0.1
    Features: DNS-over-HTTPS, DNS-over-TLS, Fastest DNS resolver (14ms global average), Client IPs not stored, Logs deleted within 24 hours

  • Google
    Primary: 8.8.8.8
    Secondary: 8.8.4.4
    Features: DNSSEC

  • Level3
    Primary: 209.244.0.3
    Secondary: 209.244.0.4

  • Norton ConnectSafe
    Primary: 199.85.126.10
    Secondary: 199.85.127.10
    Features: DNSSEC

  • Verisign
    Primary: 64.6.64.6
    Secondary: 64.6.65.6

  • Yandex.DNS
    Primary: 77.88.8.8
    Secondary: 77.88.8.1

If you're looking for servers which don't keep logs, take a look at the OpenNIC Public Servers list.

Go to DNS Server Settings

On the menubar, click System and then General Setup

pfsense-general-setup-menu

Scroll down to the DNS Server Settings section

pfsense-dns-server-settings

Enter in your new DNS servers and then click the Save button to apply your changes

pfsense-save-button

Congratulations! You've now configured pfSense to use open DNS servers.

pfsense-changes-applied

Do you have a favorite DNS server that you use? Do they offer DNSSEC, not keep logs, are reliable and low latency? Let us know in the comments below! We'd love to hear what you're using.