Is there any way to use pfSense as a caching DNS server? It will resolve domains starting from root servers and will cache them for consequent hits.
I tried DNS servers package on pfSense 1.2.2, which I guess uses WAN DNS servers by default.
A pfSense forum thread suggests installing the DNS package for tinydns, and then adjusting the cache size to suit your needs.
2nd UPDATE:
The current versions of pfSense (2.2+) are now based on FreeBSD 10.X. This includes Unbound as the resolver. You can point Unbound at the resolvers at OpenDNS or Google.
[True for pfSense 2.1 and lower]
pfSense has a DNS cache, it is called dnsmasq. It doesn't start from the root servers. By default, it will take the DNS from the WAN DHCP server, but you can override that from the web page. I would point the box to an open DNS server, like Google's at 8.8.8.8, Level3 at 4.2.2.1, 4.2.2.2, OpenDNS at 208.67.222.222, 208.67.220.220.
The root servers are busy, so I wouldn't suggest starting with them. Use the addresses above and you should get better performance.
UPDATE:
Based on the comment below that states that dnsmasq is not a cache (not true, dnsmasq does cache responses, just not all types of records, see dnsmasq), I'd like to point out that there is another package on pfSense that does full DNS caching. Unbound is a full DNS resolver with support for DNSSEC (signed DNS requests). If you want a "full and complete" DNS cache, install that instead of using dnsmasq (which comes by default).
NOTE: There is one thing to be aware of when using Unbound. During an upgrade to the system, if you have pfSense itself set to only use Unbound as a resolver, DNS will fail because the packages are not installed until after the OS is installed (but the OS upgrade requires DNS to get the packages). In this case, make sure that there are backup DNS resolvers for pfSense to use during an upgrade.
You can use the Unbound package for this.
https://doc.pfsense.org/index.php/Unbound_package
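The two Unbound modes discussed in the answers above (recursing from the root servers versus forwarding to a public resolver), as an added example that is not part of the original thread and not the configuration pfSense generates. It is a generic `unbound.conf` fragment; the LAN addresses, cache sizes and trust anchor path are assumptions.

```conf
# Added example: generic unbound.conf fragment, not pfSense's generated file.
server:
    # Listen on the LAN side only (constructed address).
    interface: 192.168.1.1
    # Answer queries from the LAN only, so the box is not an open resolver.
    access-control: 192.168.1.0/24 allow

    # Cache sizing: rrset cache is usually about twice the message cache.
    msg-cache-size: 8m
    rrset-cache-size: 16m
    cache-max-ttl: 86400        # cap cached answers at one day
    prefetch: yes               # refresh popular entries before they expire

    # DNSSEC validation (assumed trust anchor path).
    auto-trust-anchor-file: "/var/unbound/root.key"
    harden-dnssec-stripped: yes
    harden-glue: yes

# Mode 1: full recursion from the root servers.
# Leave out any forward-zone for "."; Unbound then walks the hierarchy
# itself using its built-in root hints and caches what it learns.

# Mode 2: forward everything to upstream resolvers and cache their answers.
# Uncomment to switch from Mode 1 to Mode 2.
# forward-zone:
#     name: "."
#     forward-addr: 8.8.8.8
#     forward-addr: 208.67.222.222
```

Either mode caches responses for LAN clients; the difference is whether Unbound or the upstream resolver performs the recursion.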