pfSense Subnet Routing Issues
After extensive testing, it seems to be functioning as a pfblocker just by being... ineffective. I'm unsure why it's performing poorly or what the issue is, but switching to Pi-hole resolved the problem. I set up two Pi-hole virtual machines for a pseudo-HA setup with DHCP assigning IPs automatically if one fails. Things are now more stable, and I'm using Unbound on pfSense as their upstream DNS.
It seems pfBlockerNG is built to handle a wide range of tasks, which is why I limit its use to IP blocklists rather than DNS features. I only need it for DNS-level blocking of certain subnets, not the entire network. This aligns well with Pi-hole’s independent design, which could be a better fit. I might explore using it myself when I’m behind a VPN and facing bandwidth limits, where ad blocking becomes more important.