I use the Unbound DNS resolver built in to pfSense. By default the resolver filters out
any results that are private IP addresses. Normally this makes sense: no public domain
should have a private address. But sometimes it does make sense. For example there are
some useful services like sslip.io that will resolve to any IP address that you like.
So 127.0.0.1.sslip.io resolves to to 127.0.0.1. This is can be useful for local
development, especially when working with containers and reverse proxies and the like.
To allow Unbound to resolve these properly an extra configuration needs to be added. pfSense has no GUI config so this must be added under the custom options in the DNS resolver settings in pfSense. My options look like this:
1server:
2private-domain: "azmk8s.io"
3private-domain: "nip.io"
4private-domain: "sslip.io"
5private-domain: "traefik.me"