DNS server from DHCP

storminjack · 26 January 2026 02:58

From DHCP what DNS server(s) should I hand out to clients. Should one of the DNS servers be the IPFIRE IP address and what DNS server should I use for the secondary DNS server. Trying to find the best combination of DNS servers. Or is DNS handled by my cable modem

roberto · 26 January 2026 06:55

Hi,

This information maybe is your interest:

And:

Bye.

tphz · 26 January 2026 09:41

Just to complete the information.

Regards

bbitsch · 26 January 2026 11:17

To have control over the local net ( DNS blocking is a possible tool ), you should set the DNS server to IPFire and apply the advice of iptom.

storminjack · 26 January 2026 15:54

Roberta

Thank you for your input but I am still confused…

This is what I am trying to do. I need to make sure adult sites are blocked. I have found if you do not have the proxy enabled on the client (Windows PC) any request to an adult site is resolved to that site

So..This is my confusion below..or in other words what handles the DNS resolution

PC----->IPFire---->Modem Router

PC gets it ip from DHCP on the IPfire box, the web request is sent to the IPfire box,which sends it to the modem router.

So what DNS servers do I assign to the PC? Does the PC use those DNS servers or does it pass traffic to the IPFIre box which handles the DNS? Then is is passed to the Modem Router which handles the DNS?

So many pieces in the puzzle

Please help

roberto · 26 January 2026 18:27

Try with these DNSs:

Especially with versions 1.0.0.3 and 1.1.1.3.

You can put it on the DHCP Server so that the computers use these DNSs.

Example:

Bye

roberto · 26 January 2026 18:39

If this doesn’t work, in “Network → Domain name system”, enter it as follows:

And in DHCP Server:

Naturally, with your corresponding IPs. The image shows mine, which may not match the ones you have on Green.

Bye.

hvacguy · 26 January 2026 18:41

That is why you need to setup the “Domain name system” tab.

That is the DNS that IPfire will use. Recommend TLS. DoT.

bloater99 · 26 January 2026 20:17

As Roberto recommended, Cloudflare does have DNS servers that block malware and adult content:

Once this is set in Network→Domain Name System, enable them by placing a check in the white box, uncheck all other DNS servers in the list, then optionally set Protocol for DNS Queries to TLS. Then using the link iptom provided, Force clients to use IPFire DNS Server and set your Primary DNS server under DHCP to IPFire’s IP address.

You can leave them set to Auto and IPFire will be their sole provider of DNS. You could manually input IPFire’s IP address into each PCs DNS Server field, but it is not necessary once IPFire has been set up as the sole DNS provider as per the firewall rule above.

storminjack · 27 January 2026 15:48

This issue has been solved..Thanks To All…How do I mark it as solved on the website?

bbitsch · 27 January 2026 16:48

Just mark the solving post as solution ( the square with the tick ).