On a previous post, we’ve discussed how to use Bind9 on your pfSense in a way that external names were forwarded to name servers while internal names were statically resolved by Bind. In this post, we are going to discuss how to override the IPs returned by external name servers with IPs of our choosing….
On a previous post, we’ve discussed how to use Bind9 on your pfSense in a way that external names were forwarded to other name servers and internal names were statically resolved. In this post, we are going to integrate pfSense’s DHCP Server and Bind9, so that when DHCP assigns an IP to a device, it…
If there is one annoying thing on pfSense that seems to be never fixed is its DNS Resolver service called Unbound. Release after release, the Netgate folks still struggle to identify and fix the random crashes, unexpected restarts and whatnot. In this post, we are going to install Bind9, a very solid DNS server, to…
Most Internet Service Providers (ISP) install devices in our houses, such as a cable/DSL modems or a ONT/ONU for optical, which have a web interfaces on a private IP address of its own. Since the device is not connected to any port of your local network switch, and therefore, sit outside your your network, accessing…
Private Internet Access (aka PIA) provides a cheap VPN service that allows up to 10 simultaneous devices. Recently I have switched from Surfshark to PIA because although Surfshark allows unlimited devices, having multiple connections in the same device (pfSense router) doesn’t always work. The reason is that different connections to different countries can have the…
In previous posts it was discussed how to create a DMZ network and host a website from a isolated VLAN on your network. That is a powerful resource, but with the limitation of not being possible to use a friendly FQDN such as geekistheway.com or mydomain.com as the frontend for the websites. This post will…
DMZ (aka Demilitarized Zone) network as defined by Wikipedia “is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet”. The purpose is to add an additional layer of security by separating what is exposed a public service in the DMZ, while the rest of…
While I was writing a post on how to route specific WEB traffic through VPN, I’ve got inspired and decided to write another post on how to route specific DEVICES (your NAS server, laptop, iPhone, etc) through VPN while the rest of your house still uses the default ISP gateway. This kind of approach might…
For those who followed my previous post on how to configure a VPN client on pfSense, one cool application for it is to route only specific websites through the VPN while the rest of the traffic goes through the default ISP gateway, as usual. That is interesting when you want to use an IP from…
As bufferbloat.net defines it, “Bufferbloat is the undesirable latency that comes from a router or other network equipment buffering too much data. It is a huge drag on Internet performance created, ironically, by previous attempts to make it work better. The one-sentence summary is “Bloated buffers lead to network-crippling latency spikes. The bad news is…