Assign DNS Servers

On the top of the page the current Status of the systems DNS is displayed. This will be Working or Broken. Broken means the system is not able to do any name resolution. Since DNS is not working, IPFire is unable to serve the DNS for the GREEN & BLUE networks.

Note: do not proceed with a Status: Broken DNS system.

As usual a single entry can be enabled/disabled, modified or removed by using the corresponding tool in the action section next to it.

When using ISP-assigned DNS servers, they can not be modified here, please use the checkbox in the DNS Configuration section.

Add a new entry

A new server is easily created by clicking the "Add" button. Look for a server in your area here: List of Public DNS Servers.

IP address

Specify the IP address of your desired DNS server here. It has to be a valid IPv4 address.

TLS hostname

This field requires the hostname details of the certificate, which the DNS server uses and is only required if you configured to use TLS for DNS queries. It must be given as a fully qualified domain name.

However it might be helpful to specify the TLS hostname details, if you plan to switch to TLS at a later time.


The Remark field is optional.

Check DNS Servers

When using this button, a short check for each enabled DNS server will be conducted and will display if your current settings are correct.

Note: do not proceed with a Status: Broken DNS system. Click the Check DNS Servers button.

Note: Hovering the mouse pointer over the server's Status will provide additional debugging information (DNSSEC Validating, DNSSEC Aware, etc.).

Recursive Resolver

If there are no (working) DNS servers configured, the system will go into recursor mode. In this mode, it will contact the root servers to resolve queries and recursively work its way down the DNS tree without using any third-party resolvers.

Next: see DNS Configuration