DNS Resolver Commands

Overview

Manage DNS host overrides in pfSense DNS Resolver (Unbound).

Commands

Command Description

netapi pfsense dns list

List all DNS host overrides

netapi pfsense dns add

Add new DNS host override

netapi pfsense dns update

Update existing DNS host override

netapi pfsense dns delete

Delete DNS host override

netapi pfsense dns apply

Apply pending DNS changes

List Host Overrides

netapi pfsense dns list
Example Output
                                DNS Host Overrides
┏━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━┓
┃ ID ┃ Host          ┃ Domain                    ┃ IP            ┃ Description       ┃
┡━━━━╇━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━┩
│ 0  │ kvm-01        │ inside.domusdigitalis.dev │ 10.50.1.99    │ KVM Hypervisor    │
│ 1  │ ise-01        │ inside.domusdigitalis.dev │ 10.50.1.20    │ Cisco ISE primary │
└────┴───────────────┴───────────────────────────┴───────────────┴───────────────────┘

Add Host Override

netapi pfsense dns add --host <hostname> --domain <domain> --ip <ip> --descr "<description>"
Example
netapi pfsense dns add --host home-dc02 --domain inside.domusdigitalis.dev --ip 10.50.1.51 --descr "Windows DC secondary"

Update Host Override

Update by ID (from dns list output). All fields required:

netapi pfsense dns update --id <id> --host <hostname> --domain <domain> --ip <new-ip> [--descr "<description>"]

The --apply flag defaults to true, so changes apply immediately. Use --no-apply for batch operations.
Example - Update IP address
# Update kvm-01-lan (ID 14) to new IP
netapi pfsense dns update --id 14 --host kvm-01-lan --domain inside.domusdigitalis.dev --ip 192.168.1.192
Example - Update with new description
netapi pfsense dns update --id 6 --host home-dc01 --domain inside.domusdigitalis.dev --ip 10.50.1.50 --descr "Windows DC (AD DS + DNS)"

Delete Host Override

netapi pfsense dns delete --id <id>
Example
netapi pfsense dns delete --id 17

Apply Changes

After add/update/delete, apply changes to activate:

netapi pfsense dns apply

Changes are staged until apply is called. This allows batch modifications before reloading the DNS resolver.

Common Workflows

Add New Server

# Add the record
netapi pfsense dns add --host myserver --domain inside.domusdigitalis.dev --ip 10.50.1.100 --descr "My new server"

# Apply changes
netapi pfsense dns apply

# Verify
netapi pfsense dns list | grep myserver

Update Server IP

# Find the ID and current values
netapi pfsense dns list | grep kvm-01-lan
# Output: │ 14 │ kvm-01-lan │ inside.domusdigitalis.dev │ 192.168.1.181 │ ...

# Update (all fields required, --apply is automatic)
netapi pfsense dns update --id 14 --host kvm-01-lan --domain inside.domusdigitalis.dev --ip 192.168.1.192

Bulk Update (Infrastructure Migration)

# Update multiple records with --no-apply to batch
netapi pfsense dns update --id 6 --host home-dc01 --domain inside.domusdigitalis.dev --ip 10.50.1.51 --descr "home-dc01 (new)" --no-apply
netapi pfsense dns update --id 14 --host kvm-01-lan --domain inside.domusdigitalis.dev --ip 192.168.1.192 --no-apply

# Single apply for all changes
netapi pfsense dns apply

See Also