DNS Resolver with VLANs

vodolej

Hi guys,

I'm experiencing a problem probably with DNS config and don't really understand, is it a bug in my config or a feature.

Config:
pfSense 2.3.4-p1,
Hostname: pfsense, domain: mydomain.tld

LAN: 192.168.15.0/24
Guest VLAN: 192.168.20.0/24
Media VLAN: 192.168.30.0/24

In LAN

ipconfig /all
Primary Dns Suffix . . . . . . . :
…
DNS Suffix Search List. . . . . . : mydomain.tld
...
DHCP-Server . . . . . . . . . . : 192.168.15.1
DNS-Server . . . . . . . . . . . : 192.168.15.1

C:>ping pfsense

Pinging pfsense.mydomain.tld [[b]192.168.15.1] with 32 bytes of data:
Reply from 192.168.15.1: bytes=32 time<1ms TTL=64
Reply from 192.168.15.1: bytes=32 time<1ms TTL=64

In Guest VLAN:

ipconfig /all
Primary Dns Suffix . . . . . . . :
…
DNS Suffix Search List. . . . . . : mydomain.tld
...
DHCP-Server . . . . . . . . . . : 192.168.20.1
DNS-Server . . . . . . . . . . . : 192.168.20.1

C:>ping pfsense

Pinging pfsense.mydomain.tld [[b]192.168.15.1] with 32 bytes of data:
Timeout
Timeout

The DNS-Server and the DHCP-Server are resolved correct in the VLAN, but not the host pfsense.
I thought that pfsense.mydomain.tld would be resolved in VLAN with 192.168.20.1.

I'm going to config more VLANs and would expect, that pfsense.mydomain.tld would be resolved in each VLAN with its VLAN-IP as the DHCP- and DNS-Server.
Is there anything wrong in my config?

johnpoz

"I thought that pfsense.mydomain.tld would be resolved in VLAN with 192.168.20.1. "

You though wrong here ;)

Doesn't work that way.. I you want it to work like that you have a few options.

I take it your using unbound. So create host entries with different subdomain for your what you want to resolve ie
pfsense.sub.mydomain.tld
pfsense.othersub.mydomain.tld

Or you create different views with unbound so that when you query pfsense.mydomain.tld from vlanX you get back that IP, if you query it from vlanY you get vlanY IP, etc. Take a bit to setup if you have a lot of vlans.. but can be done

vodolej

@johnpoz:

Or you create different views with unbound so that when you query pfsense.mydomain.tld from vlanX you get back that IP, if you query it from vlanY you get vlanY IP, etc. Take a bit to setup if you have a lot of vlans.. but can be done

Thanks! Is there a tutorial for views creating with Unbound available?

johnpoz

I had gone over it in a thread a while back, I think it has come up a few times.. Let me look for it.

edit: here you go https://forum.pfsense.org/index.php?topic=126740.0

vodolej

@johnpoz:

I had gone over it in a thread a while back, I think it has come up a few times.. Let me look for it.

edit: here you go https://forum.pfsense.org/index.php?topic=126740.0

I tried it. Without sucess.

Unbound_View_Definition.png_thumb

johnpoz

U might have some issues with the double server stuff let me look closer at ur post when at cpu vs phone

vodolej

@johnpoz:

U might have some issues with the double server stuff let me look closer at ur post when at cpu vs phone

UR right! With single server definition is works!

Thanks for your support!

Anyway, is there any kind of docu or samles for view definition available beside your post?

Unbound_View_Definition2.png_thumb

johnpoz

Yeah its called the unbound documentation ;)

https://www.unbound.net/documentation/