Hello All!
I created a private network in Azure and created a virtual machine as a private DNS server.
As a bastion, I created a pfSense instance with two networks.
I use Terraform (this is not the full config):
resource "azurerm_virtual_network" "demo-network" {
  name                = "demo-network"
  resource_group_name = azurerm_resource_group.demo.name
  location            = azurerm_resource_group.demo.location
  address_space       = ["172.16.40.0/24", "192.168.1.0/24"]
  dns_servers         = ["172.16.40.15"]
  tags = {
    environment = "demo"
  }
}

resource "azurerm_subnet" "demo-network-subnet" {
  name                 = "demo-network-subnet"
  resource_group_name  = azurerm_resource_group.demo.name
  virtual_network_name = azurerm_virtual_network.demo-network.name
  address_prefix       = "172.16.40.0/24"
}

resource "azurerm_subnet" "demo-pfsense-network-subnet" {
  name                 = "demo-pfsense-network-subnet"
  resource_group_name  = azurerm_resource_group.demo.name
  virtual_network_name = azurerm_virtual_network.demo-network.name
  address_prefix       = "192.168.1.0/24"
}
Then I created a pfSense instance with demo-pfsense-network-subnet (looks to the Internet) and demo-network-subnet (looks to the private net) interfaces.
And I created an instance for the private DNS server with IP 172.16.40.15.
So, when pfSense started, the MAC address of the DNS instance was bound to the wrong interface:
[2.4.5-RELEASE][admin@pfsense.centralus.cloudapp.azure.com]/root: netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            192.168.1.1        UGS         hn0
127.0.0.1          link#2             UH          lo0
168.63.129.16/32   192.168.1.1        UGS         hn0
169.254.169.254/32 192.168.1.1        UGS         hn0
172.16.40.0/24     link#6             U           hn1
172.16.40.15       00:0d:3a:97:ef:7f  UHS         hn0
172.16.40.254      link#6             UHS         lo0
172.19.0.1         link#2             UH          lo0
192.168.1.0/24     link#5             U           hn0
192.168.1.10       link#5             UHS         lo0

172.16.40.15 00:0d:3a:97:ef:7f UHS hn0
must be on hn1
How can I fix this?
I can remove the route manually, but after a reboot the wrong route comes back.
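
An added example, not part of the original post: a Python check that parses the netstat -rn output shown above and flags host routes whose Netif differs from the interface of the directly connected subnet that contains them. The function names are hypothetical; the routing table is the one from the post.

```python
import ipaddress

# Routing table as posted above (netstat -rn on pfSense 2.4.5).
SAMPLE = """\
Destination        Gateway            Flags     Netif Expire
default            192.168.1.1        UGS         hn0
127.0.0.1          link#2             UH          lo0
168.63.129.16/32   192.168.1.1        UGS         hn0
169.254.169.254/32 192.168.1.1        UGS         hn0
172.16.40.0/24     link#6             U           hn1
172.16.40.15       00:0d:3a:97:ef:7f  UHS         hn0
172.16.40.254      link#6             UHS         lo0
172.19.0.1         link#2             UH          lo0
192.168.1.0/24     link#5             U           hn0
192.168.1.10       link#5             UHS         lo0
"""

# parse_routes and misbound_host_routes are illustrative names, not pfSense tooling.
def parse_routes(text):
    """Yield (destination, gateway, flags, netif) for each parsable route line."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] in ("Destination", "default"):
            continue
        try:
            dest = ipaddress.ip_network(parts[0], strict=False)
        except ValueError:
            continue  # section headers, scoped IPv6 entries, etc.
        yield dest, parts[1], parts[2], parts[3]

def misbound_host_routes(text):
    """Return (ip, actual_netif, expected_netif) for host routes on the wrong NIC."""
    routes = list(parse_routes(text))
    # Directly connected networks: gateway is link#N and the route is not a host route.
    connected = [(d, nif) for d, gw, fl, nif in routes
                 if gw.startswith("link#") and "H" not in fl]
    findings = []
    for dest, gw, flags, nif in routes:
        if "H" not in flags or nif.startswith("lo"):
            continue  # skip network routes and the firewall's own addresses
        for net, expected in connected:
            same_family = dest.version == net.version
            if same_family and dest.subnet_of(net) and nif != expected:
                findings.append((str(dest.network_address), nif, expected))
    return findings

if __name__ == "__main__":
    for ip, actual, expected in misbound_host_routes(SAMPLE):
        print(f"{ip}: bound to {actual}, connected subnet is on {expected}")
```

Run against the table from the post, it reports 172.16.40.15 on hn0 where the connected 172.16.40.0/24 subnet is on hn1, which makes it usable as a post-boot check for the route reappearing.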