Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem with aliases and FQDN

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 3 Posters 952 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      miha
      last edited by

      Hi all,

      i have a problem with aliases and fqdn.
      I use aliases which contain fqdn entries.

      They get resolved to ip's and i can see them in the corresponding tables.
      As far as i understand how it works in pfsense, each time an fqdn changes (in my case often), the updated ip will be put in the corresponding tables.
      This works fine.

      The problem is the the old ip's from fqdn's never get deleted from the tables. Filterdns is only able to add ip's to a table, it is not aware of the old ip address, so not able to remove it from the table. This way the table gets bigger and bigger and old ip's never got deleted (s. bug/feature: https://redmine.pfsense.org/issues/3199)

      My idea to resolve the issue: rebuild all tables from scratch by a cron entry, maybe each day/hour which would delete old fqdn based ip addresses.
      But i did not find a command to force pfsense to rebuild all tables from scratch.
      Is there a way to do this?

      1 Reply Last reply Reply Quote 0
      • C Offline
        cmb
        last edited by

        That's actually been implemented since then, should do just that out of the box on 2.2.

        1 Reply Last reply Reply Quote 0
        • P Offline
          phil.davis
          last edited by

          Confirmed good on 2.2-RELEASE. I checked a system that has been up for 11 days. It has an alias with a list of the FQDNs of dynamic DNS names of remote office public IPs that are kept up-to-date by each remote pfSense. Many of them have dynamic public IPs that change every day. The pf table currently has the right number of good entries.
          Previously with pfSense 2.1.5 it would accumulate about 100 IP addresses over a week or so as the FQDNs resolved to different IPs from dayto day.

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.