DNS CNAME records posible with unbound?
-
Hello,
Is it posible to add CNAME (alias) entries with pfsense's unbound? I've searched and it seems the answer is 'no' but I wanted to check here.
Thanks,
Sean
-
Huh. That's the "Additional Names for this Host" in "Host Overrides". Kinda hard to miss.
-
No, it's not going to work with Unbound because it's not an authoritative name server and can not expand the CNAMEs. You would need BIND or equivalent for that. Use the host overrides if that solves your problem as noted by dok above.
-
Thanks both for your replies.
So I have a pretty vanilla split DNS scenario. I currently run BIND on a Mac Mini and am looking to move that task to my pfsense box. My current setup has one A record per server and CNAMES for some of them. So for example a web server named "borg" with a CNAME of "www". I suppose this "Additional Names for this Host" thing just uses additional A records? I guess that would work just as well.
But what about say an MX record? Or PTR record?
-
You can override MX, PTR, SRV and even SOA records with Unbound, no problem (not exposed trough the GUI in pfSense but you can use custom options). What I wrote above is bit incorrect. The reason the CNAME records won't work as host overrides is because they have to be resolved with an additional query either to the upstream forwarder or the authoritative server. A resolver like Unbound won't look at its own host overrides to resolve a CNAME, they have to be set in the authoritative server.