Add DNS server on pfsense machine
-
No, you can add it as a host override and still register it. It overrides the dhcp lease registeration.
Not sure why you would want to that though.
Steve
-
I'm thinking like that because they could be some DHCP clients names already registered in host override section.
Indeed, I tried to add a host override name "pohp.here" which points to an external IP, but when a DHCP client named "pohp" connects, the DNS points to the DHCP client machine, not to the external IP.Is it possible to override? Or have I to disable DHCP clients registration?
Thanks
-
Why would you point pohp.here to an external IP if you have a client called pohp?
Really not understanding your use case... But if your going to put in by hand IP address for clients fqdn, then there is ZERO point to having them register dhcp address into unbound..
You have dhcp clients register in dns when your are NOT going to put in records by hand for them.
-
I did an example, now I can explain better:
- there is a DHCP client named "server";
- I want to point "server.here" to it;
- I add an host override "server.here" pointing to the machine written in step 1;
- there could be another machine which the DHCP client name is "server".
I'm writing this because I don't administer fully the LAN, and some customers can connect to the wifi, and there could be some inconvenient DHCP clients names.
Should have I to disable the DHCP registration or is there a way to stay secure?
Thanks
-
Hmm, I tested that before posting and found it worked fine.
Are you sure you are seeing the same hostname and domain?
Edit: And it's still working after the client lease renewed.
Steve
-
@dam034 said in Add DNS server on pfsense machine:
there could be another machine which the DHCP client name is "server".
And why would you need to resolve those? So don't have dhcp register in unbound.. And just put in the host overrides for the stuff you want/need to resolve.
To be honest I really don't understand resolving dhcp clients by name in the first place.. If the box is important enough to you want to get to it by name.. Than it should have a reservation for dhcp so it always get the same IP. So register static dhcp. Or just set the box to be static IP and setup dns to resolve name to that IP, etc..
-
Well you could argue that clients with dynamic IPs are most likely to need DNS resolution to address them.
But I hear what you're saying.
Either way I have that setup here and it works exactly as expected. I suspect there is actually a mismatch here. For example you enter
client1somewhere and you think it should resolve to an override you have asclient1.domain1.netbut in fact your client is trying to resolve soemthing different likeclient1.sub.domain1.netbecause something is misconfigured.Steve
-
There is a difference between "clients" that get dhcp and "servers" he is using the name server.. While sure you might want to hand info out to the server via dhcp, so you can easy change stuff later like different router or dns, etc.
But server should have a dhcp reservation.
Random clients that are on and off the network, if you have a need to resolve them sure have register their names. But then why would you need to put in a host override? Why would you not just use different sub or domain then..
Just still not getting this use case.
-
Yeah, the easiest way to avoid this would just be to not add dynamic leases to Unbound.
-
It's true and easiest disabling the DNS for DHCP clients.
Thanks for all.
