Aliases FQDN not regulary updated ?

dominique.fournier

Hi,

I defined some FQDN aliases in Hosts mode. The resolver change IP for the given name, but the alias table in pfctl didn't change (by pfctl -t APTUpdates -T show) .

Could you give me the refresh time for this alias table ? on the Web page it is written 'periodically', but I couldn't find in code the refresh process. I found the URL refresh, but not for Hosts.

It should be cool to add a log line for this each time the update is launched.

Of course, if I click on the Web page on 'save' button, the table is refreshed.

Thanks

jimp

The filterdns daemon checks every 5 minutes and reloads the tables if it detects an IP change.

dominique.fournier

EDIT : Sorry, I just found the bug in filterdns http://redmine.pfsense.org/issues/2506

CLOSED !

Thanks for your answer. I put it in debug mode and there is a problem :
I have a table named 'APTUpdates' with servers needed to my Debian station to be joined for the updates.
One entry is ftp.fr.debian.org which is actually reseolved by :
$ host ftp.fr.debian.org
ftp.fr.debian.org is an alias for ftp.oleane.net.
ftp.oleane.net has address 194.2.0.36
ftp.oleane.net has IPv6 address 2a01:c910:0:1::c202:24
BTW, in the table,there is not the IPv6 entry :
pfctl -t APTUpdates -T show
  67.205.85.245
  82.67.68.81
  82.195.75.97
  86.59.118.148
  86.59.118.153
  88.191.250.131
  91.189.88.33
  91.189.92.150
  91.189.92.151
  91.189.92.166
  91.189.92.167
  91.189.92.181
  91.189.92.184
  91.189.92.191
  128.31.0.51
  130.89.148.12
  130.89.148.13
  147.173.3.16
  158.255.96.2
  188.165.151.222
  194.2.0.36
  194.145.197.105
  195.20.242.89
  206.12.19.9
  212.211.132.32
  212.211.132.250
  2001:610:1908:b000::148:13
  2001:858:2:2::2
  2001:858:2:2:214:22ff:fe0d:7717
  2001:8d8:580:400:6564:a62:0:2
  2001:a78:5:0:216:35ff:fe7f:be4f
  2001:a78:5:1:216:35ff:fe7f:6ceb
  2001:41b8::/32
  2001:41b8:202:deb:1a1a:0:52c3:4b61
  2607:f8f0:610:4000:211:25ff:fec4:59ae
  2a01:e0c:1:1598::2

Other thing in logs (egrep '(adding|clearing) entry' user.warning  | grep ftp.fr.debian.org) :
Jul 31 11:03:46 pfsense1 filterdns: adding entry ::2a01:c910:0:1:0 to table APTUpdates on host ftp.fr.debian.org
Jul 31 11:03:46 pfsense1 filterdns: clearing entry ::2a01:c910:0:1:0 from table APTUpdates on host ftp.fr.debian.org
Jul 31 11:08:46 pfsense1 filterdns: adding entry ::2a01:c910:0:1:0 to table APTUpdates on host ftp.fr.debian.org
Jul 31 11:08:46 pfsense1 filterdns: clearing entry ::2a01:c910:0:1:0 from table APTUpdates on host ftp.fr.debian.org

The logs are strange too (for another server) : The :: is not at the right place…
Jul 31 08:53:41 pfsense1 filterdns: adding entry ::2001:610:1908:b000:0 to table APTUpdates on host ftp.debian.org
Jul 31 08:53:41 pfsense1 filterdns: found entry 0.0.130.89 for APTUpdates
because ftp.debian.org has :
: host ftp.debian.org
ftp.debian.org has address 130.89.148.12
ftp.debian.org has IPv6 address 2001:610:1908:b000::148:12

Of course, as the update is incorrect, the packets are dropped...

Thanks a lot