DNS considerations

pfSense uses its internal routing table to determine the route to DNS servers (remember that policy-based routing does not apply to traffic generated by pfSense). As a result, if static routes are not configured, then pfSense will only use the primary WAN interface to access DNS servers. Therefore, you must configure static routes if you want pfSense to use the correct OPT_WAN interface for DNS queries. If you do not configure static routes for the OPT_WAN interfaces, there are two issues:

  • If you are using your ISP's DNS servers, often ISPs will block recursive DNS queries from outside their network. This problem can be eliminated if you use alternative DNS servers such as the ones operated by OpenDNS.
  • If no static routes are configured and the primary WAN interface goes down, then you will be left with no means of DNS resolution.

One of the ways to eliminate this problem is to use the DNS server for an OPT_WAN gateway as the monitor IP address for the gateway. If you do, pfSense will automatically add a static route for the gateway's DNS server.

If you need to add a static route for the DNS server, however, it's not difficult. For example, to add a static route to 8.8.8.8 for the OPT_WAN gateway, navigate to System | Routing, click on the Static Routes tab, and click on the Add button. For the Destination network, enter 8.8.8.8 with 32 for the CIDR. For the Gateway, select the OPT_WAN gateway in the drop-down box. Then click on Save and Apply Changes (enter a brief Description first if you wish), and you are done.
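To confirm that each DNS server really has its own host route after saving, the routing table can be checked from the shell. The script below is an added example, not taken from the book: it parses `netstat -rn -f inet` style output and reports whether a DNS server is reached through a dedicated host route or only through the default route. The sample table, interface names and gateway addresses are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `netstat -rn -f inet` output on a dual-WAN firewall.
# em0 = primary WAN (gateway 203.0.113.1), em1 = OPT_WAN (gateway 198.51.100.1).
SAMPLE_ROUTES='Destination        Gateway            Flags     Netif Expire
default            203.0.113.1        UGS        em0
8.8.8.8            198.51.100.1       UGHS       em1
127.0.0.1          link#4             UH         lo0
192.168.1.0/24     link#2             U          em2
198.51.100.0/24    link#3             U          em1
203.0.113.0/24     link#1             U          em0'

# Print the gateway of the host route for DNS server $1 in table $2,
# "default:<gw>" if only the default route would carry the query,
# or "no-route" if neither exists (for example, the default route is gone).
# Assumption: the DNS servers are off-link resolvers, so only host routes
# and the default route are considered.
dns_route_gateway() {
    printf '%s\n' "$2" | awk -v ip="$1" '
        $1 == ip && $3 ~ /H/ { host = $2 }
        $1 == "default"      { def = $2 }
        END {
            if (host != "")     print host
            else if (def != "") print "default:" def
            else                print "no-route"
        }'
}

# Arguments: routing table text, then "server=expected_gateway" pairs.
# Returns non-zero if any server is not routed via its expected gateway.
check_dns_routes() {
    table=$1; shift; rc=0
    for pair in "$@"; do
        server=${pair%%=*}; want=${pair#*=}
        got=$(dns_route_gateway "$server" "$table")
        if [ "$got" = "$want" ]; then
            echo "OK   $server via $got"
        else
            echo "FAIL $server via $got (expected $want)"; rc=1
        fi
    done
    return $rc
}

# On a live system, pass "$(netstat -rn -f inet)" instead of SAMPLE_ROUTES.
check_dns_routes "$SAMPLE_ROUTES" 8.8.8.8=198.51.100.1 208.67.222.222=198.51.100.1 || true
```

In the sample, 8.8.8.8 passes because it has a /32 route via the OPT_WAN gateway, while the second server fails because it would still leave through the primary WAN's default route.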
