DHCP not registering hostnames in DNS
-
Ok, so I try to understand how you're explaining it: is this correct?
- The "DHCP Registration" means: when there is a MAC->StaticIP, use the HostName from that DHCP mapping, when such MAC is requesting such static-mapped IP
- The "Static DHCP" means: when there is a MAC->StaticIP mapping, use the HostName as defined in the requesting MAC
Is that correct? Thank you!
-
Well ... I prefer this explanation :
If this option is set, then machines that specify their hostname when requesting an IPv4 DHCP lease will be registered in the DNS Resolver so that their name can be resolved. The domain in System > General Setup should also be set to the proper value.
DHCP Static Mappings :
If a device asks for an IP, and this device has a 'known' (listed) MAC, then give him 'his' IP from predetermined list.
-
Register leases is ANY lease.. You don't have to set a hostname, or you can set a hostname.. If you care about the hostname, why would you not just set the IP while you're setting the reservation.
dhcp leases that are not reservations are normally for any client that connects, it will give you a name, etc..
So, just changed mine to register all dhcp leases - the check mark shown..
Got a dhcp address
    $ ipconfig /all

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : i5-win
       Primary Dns Suffix  . . . . . . . : local.lan
       Node Type . . . . . . . . . . . . : Broadcast
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : local.lan

    Ethernet adapter Ethernet:

       Connection-specific DNS Suffix  . : local.lan
       Description . . . . . . . . . . . : Realtek PCIe GbE Family Controller
       Physical Address. . . . . . . . . : 00-13-3B-2F-67-62
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 192.168.9.200(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Tuesday, March 19, 2019 4:56:30 AM
       Lease Expires . . . . . . . . . . : Saturday, March 23, 2019 4:56:30 AM
       Default Gateway . . . . . . . . . : 192.168.9.253
       DHCP Server . . . . . . . . . . . : 192.168.9.253
       DNS Servers . . . . . . . . . . . : 192.168.3.10
       NetBIOS over Tcpip. . . . . . . . : Enabled
It resolves per its name to that IP.
    $ dig @192.168.9.253 i5-win.local.lan

    ; <<>> DiG 9.12.3-P1 <<>> @192.168.9.253 i5-win.local.lan
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27799
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;i5-win.local.lan. IN A

    ;; ANSWER SECTION:
    i5-win.local.lan. 3600 IN A 192.168.9.200

    ;; Query time: 0 msec
    ;; SERVER: 192.168.9.253#53(192.168.9.253)
    ;; WHEN: Tue Mar 19 04:58:52 Central Daylight Time 2019
    ;; MSG SIZE rcvd: 61
And if I look in the file I said to look, there it is.. Along with all my other dhcp leases that have kicked in.
    [2.4.4-RELEASE][admin@sg4860.local.lan]/root: cat /var/unbound/dhcpleases_entries.conf
    # dhcpleases automatically entered
    local-data: "i5-win.local.lan IN A 192.168.9.200"
    local-data-ptr: "192.168.9.200 i5-win.local.lan"
    local-data: "2k12r2.local.lan IN A 192.168.2.220"
    local-data-ptr: "192.168.2.220 2k12r2.local.lan"
    local-data: "HS105.local.lan IN A 192.168.4.211"
    local-data-ptr: "192.168.4.211 HS105.local.lan"
    local-data: "amazon-80bd5abdf.local.lan IN A 192.168.4.220"
    local-data-ptr: "192.168.4.220 amazon-80bd5abdf.local.lan"
    local-data: "ESP_6B8B9E.local.lan IN A 192.168.4.203"
    local-data-ptr: "192.168.4.203 ESP_6B8B9E.local.lan"
    local-data: "ESP_DF841E.local.lan IN A 192.168.4.213"
    local-data-ptr: "192.168.4.213 ESP_DF841E.local.lan"
    local-data: "Johns-XR.local.lan IN A 192.168.7.109"
    local-data-ptr: "192.168.7.109 Johns-XR.local.lan"
    local-data: "DIRECTV-HS17R05-B448CC64.local.lan IN A 192.168.7.104"
    local-data-ptr: "192.168.7.104 DIRECTV-HS17R05-B448CC64.local.lan"
    local-data: "HarmonyHub.local.lan IN A 192.168.7.103"
    local-data-ptr: "192.168.7.103 HarmonyHub.local.lan"
    [2.4.4-RELEASE][admin@sg4860.local.lan]/root:
So what exactly do you feel is not working?
You're setting a reservation with hostname and not calling out IP?
So I set reservation for mac and just put in hostname testname.. When my client gets an IP.. it registers its OWN name, the i5-win.. So testname is not there..
If you want to have say your box called testname, then just setup a reservation that calls out its name, and the IP... And then you will get what you want... So example here..
    [2.4.4-RELEASE][admin@sg4860.local.lan]/root: cat /var/unbound/host_entries.conf | grep test
    local-data-ptr: "192.168.9.42 testname.local.lan"
    local-data: "testname.local.lan. A 192.168.9.42"

    $ dig testname.local.lan

    ; <<>> DiG 9.12.3-P1 <<>> testname.local.lan
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61076
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;testname.local.lan. IN A

    ;; ANSWER SECTION:
    testname.local.lan. 3600 IN A 192.168.9.42

    ;; Query time: 3 msec
    ;; SERVER: 192.168.3.10#53(192.168.3.10)
    ;; WHEN: Tue Mar 19 05:18:27 Central Daylight Time 2019
    ;; MSG SIZE rcvd: 63

    $ ipconfig /all

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : i5-win
       Primary Dns Suffix  . . . . . . . : local.lan
       Node Type . . . . . . . . . . . . : Broadcast
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : local.lan

    Ethernet adapter Ethernet:

       Connection-specific DNS Suffix  . : local.lan
       Description . . . . . . . . . . . : Realtek PCIe GbE Family Controller
       Physical Address. . . . . . . . . : 00-13-3B-2F-67-62
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 192.168.9.42(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Tuesday, March 19, 2019 5:19:31 AM
       Lease Expires . . . . . . . . . . : Saturday, March 23, 2019 5:19:31 AM
       Default Gateway . . . . . . . . . : 192.168.9.253
       DHCP Server . . . . . . . . . . . : 192.168.9.253
       DNS Servers . . . . . . . . . . . : 192.168.3.10
       NetBIOS over Tcpip. . . . . . . . : Enabled
-
Ok, that makes sense to me, how you described it, i.e. I must set also the IP address, not only the MAC + host-name, in the DHCP reservation, so that host-name from the reservation will be used - otherwise, the DHCP-client's internal/random host-name will be used.
What I wanted: I don't care nor like to manage the IP addresses for a lot of known MAC-addresses on my LAN (like mobile phones for example), but I would like anyway to give them some nice host-names, centrally, like "phone-andy". I understand such clients like "these are not servers, don't bother with their current IP, but I can ping/reach them by a nice host-name"
Like it's designed, I have only these 2 options:
- To have a nice host-name as "phone-andy" being registered, I must reserve a concrete IP for its MAC
- Otherwise, the phone's internal host-name (like empty-string, or "Motorola3455.AA") will be taken, although the phone's MAC is known and has set a custom host-name in the DHCP reservation.
Is it like that? Thank you ;-)!
-
@hova said in DHCP not registering hostnames in DNS:
I must reserve a concrete IP for its MAC
When setting up a static DHCP, you will see :
To identify a device (host) you have to copy over the MAC.
-
Yes, of course I must put inside that MAC ;-)! But I do not want to define also the IP address - I want it to be assigned randomly from the pool, what is also working fine, with the only problem, that such dynamically assigned DHCP-client will not be entered into the DNS with the host-name as entered in this reservation, but with the DHCP-client's own/internal host-name, which is entered into the device itself.
I'm not sure you understand my problem; everything is working fine, but the host-name from my DHCP-reservation is only then used, when I also define a static IP address in the DHCP-reservation, i.e. the MAC+host-name is not enough, I must enter also an IP, which I don't want in some cases (like mobile-phones in my LAN etc.)
-
I do understand ^^
I guess it boils down to : no IP means : the self defined host-name will not be taken into account.
If you want to supply a host name, then at least a client identifier (like a MAC) and an IPv4 must be present.
I consulted :
ISC dhcp man pages
The initial RFC 1531 and RFC 2131
-
How can you create a dns record if there is NO IP? When the client gets an IP it will also give its own name..
For you to do what you want the dhcp server would have to ignore the supplied host's name, and use the one in the lease. I do not think that is possible.
And to be honest I do not understand the use case at all. If you're going to take the time to give a device a name, why not just also give it an IP. This way you know for sure 2 things about the device - its NAME, and the IP..
Just makes no sense to me what you're asking for - please give an example of how this use case makes any sense.
Let's say I have some device with some odd name like deviceABC472 or something.. And you want to call it deviceX.. Ok then create a static lease for its mac, with name deviceX, AND!!! IP address 1.2.3.4
Now you have a dns record that points devicex.yourdomain.tld to 1.2.3.4, and can look up PTR for 1.2.3.4 that says deviceX.yourdomain.tld.. And even if dns fails you still will KNOW that your device is at 1.2.3.4
So you can easily create firewall rules on this IP... It takes all of .2 seconds when you're creating the reservation to give it an IP as well at that time.. Now you're done - it will have your name deviceX and an IP - and dns will reflect this.
-
Yes, I understand it now, thank you. Anyway, I see technically no problem with taking the host-name from the reservation into the DNS: the client gets its IP from the pool, the server realizes it and inserts/replaces (whatever the timing is) the client's name with that one from the reservation.
Why does this make sense?
- Because you can look into your DHCP-leases and see hundreds of devices, once, and not twice (once comes the internal device's name, once that from the known MAC with the preset name, which is ignored without setting the IP manually)
- Because you can telnet/ping/whatever those machines by their names, ignoring the IPs: say in your Synology Surveillance Station, you can enter the camera's FQDN instead of the IP
- Because you don't have to "count +1" IP addresses manually: when a camera reboots, it doesn't matter it gets possibly another IP; it goes online in the surveillance SW thanks to its name
- Because when you decide to refactor your LAN (say VLANs, subnets..), you don't have to go through all those devices once again and count again "+1" all these - just redesign the DHCP pool and good is.
Of course, I would not rely on this for stuff like pfSense itself, or NAS, or some VM boxes running as servers; but with the most devices I run (cameras, mobiles..) I would prefer to ignore their IP addresses - those seldom hassles not being able to reach them are much outweighed by not being forced to provide manually IP addresses.
I would not like to block unknown MAC at home - but also I like to see all those unknown devices, which are not pre-configured yet; so when somebody/something new enters my LAN, I can see it, visually, when I care.
I see no technical problem to implement this - the server knows the MAC, it assigns the pre-defined host-name and ignores that in the device. And it enters this record into the DNS.
We are not talking about an enterprise security level, I'm talking about those zillions of folks running pfSense also at their homes, having tons of devices, wanting to have them simply handled/named. Some "opt-in" feature in the DNS resolver or DHCP for that matter.
It would help me, YMMV of course; but it was one of the most obvious things I've expected from pfSense when installed at home. In TomatoVPN/ddwrt, this is a no-brainer - it just works, without forcing me to enter the static IP addresses.
-
Again it works JUST fine - you can create reservation for mac and let it pull from the pool.. Just again seems to be stupid... You don't need to create reservation if all you want it to do is pull from the pool.
The only time this makes sense is if you're wanting to lock down your dhcp to not hand out IPs unless there is a reservation.
Where are you seeing hundreds of devices in the dhcp lease table? Maybe that is your problem you're trying to solve with some nonsense?? If your device is pulling multiple leases then you have something wrong!! A device will either get a lease, renew the lease.. Why would it get multiple leases? Unless its mac changed or it changed to a different network?
Let's see these multiple leases for the same mac, etc. with different names on them..
You would have to look to the rfc and the actual details of the dhcpd on how you can tell it to ignore the name of the device when it hands out the lease, and use the name you put in the reservation for dns, etc.
Maybe the option
Ignore client identifiers
If a client includes a unique identifier in its DHCP request, that UID will not be recorded in its lease. This option may be useful when a client can dual boot using different client identifiers but the same hardware (MAC) address. Note that the resulting server behavior violates the official DHCP specification.
Will do what you want? But I still do not understand your use case for this feature.. If you have multiple leases by the same device with multiple names and IPs then you have something wrong.. The correct thing to do is not try and override the problem with some sort of odd setup... But to understand why the issue is happening in the first place and correct it.
-
I think I still was not able to explain it - I try to name a device with a known MAC - without being forced to reserve a fixed IP for it.
When I don't put an IP beside a MAC in the reservations, I see this MAC-item/row twice in the current DHCP leases/status: once as I've set it in the reservations and once as it got the IP with the device's internal host-name.
This is a very basic elementary use-case, which works even in products like ddwrt/Tomato etc. - you assign a host-name to a MAC-address, that's it.
Thank you for being patient with me ;-)!
-
@hova said in DHCP not registering hostnames in DNS:
I think I still was not able to explain it - I try to name a device with a known MAC - without being forced to reserve a fixed IP for it.
Which is rather pointless.
This is a very basic elementary use-case, which works even in products like ddwrt/Tomato etc. - you assign a host-name to a MAC-address, that's it.
Those two use dnsmasq for both DNS and DHCP, in that case dnsmasq is doing this internally.
In pfSense dhcp and dns are handled by individual daemons, so you would need an additional communication layer between them. This adds more complexity, may require upstream code changes and might introduce additional bugs.
Even the currently implemented option to register dynamic leases in the Resolver has the drawback that every time a lease is created/updated unbound has to restart, which empties the DNS cache and can in combination with pfBlockerNG and big DNSBL lists cause DNS outages for a few seconds.
IMO any further discussion of that topic here is rather pointless, you have the following options:
- Create a feature request on redmine. Then you'll see if, and with what priority, the developers are interested in such an option.
- Add IPs to your static leases and be done with it.
- Don't use pfSense for DNS and DHCP, instead use an additional host for that. Pi-Hole for example uses dnsmasq so check whether it can also be used as a DHCP server.
- Don't use pfSense at all and go back to dd-wrt or tomato.
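An added sketch (not part of the thread and not pfSense code) of the glue layer the post above describes: it reads leases in ISC dhcpd.leases syntax, prefers an administrator's MAC-to-name map over the client-supplied hostname, and emits `local-data` lines in the format shown earlier in the thread. The function names, the MAC-to-name map and the reserved-name list are assumptions for illustration; client-supplied names are checked because any device can claim any hostname, including the firewall's own.

```python
import ipaddress
import re

# Constructed sample in ISC dhcpd.leases syntax; addresses and names echo the thread.
SAMPLE_LEASES = """
lease 192.168.9.200 {
  binding state active;
  hardware ethernet 00:13:3b:2f:67:62;
  client-hostname "i5-win";
}
lease 192.168.4.220 {
  binding state active;
  hardware ethernet aa:bb:cc:00:00:01;
  client-hostname "sg4860";
}
lease 192.168.4.221 {
  binding state active;
  hardware ethernet aa:bb:cc:00:00:02;
  client-hostname "bad name; x";
}
lease 192.168.7.109 {
  binding state free;
  hardware ethernet aa:bb:cc:00:00:03;
  client-hostname "Johns-XR";
}
"""

LEASE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
STATE = re.compile(r"^\s*binding state\s+(\w+);", re.M)
MAC = re.compile(r"hardware ethernet\s+([0-9A-Fa-f:]{17});")
NAME = re.compile(r'client-hostname\s+"([^"]*)";')
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")  # RFC 1123 host label


def parse_leases(text):
    """Yield (ip, mac, client_hostname_or_None) for active leases only."""
    for ip, body in LEASE.findall(text):
        state, mac, name = STATE.search(body), MAC.search(body), NAME.search(body)
        if not state or state.group(1) != "active" or not mac:
            continue
        ipaddress.IPv4Address(ip)  # raises ValueError on a malformed address
        yield ip, mac.group(1).lower(), name.group(1) if name else None


def build_records(leases_text, admin_names, domain, reserved=()):
    """Return (unbound local-data lines, skipped leases with the reason)."""
    reserved = {r.lower() for r in reserved}
    lines, skipped, used = [], [], set()
    for ip, mac, client_name in parse_leases(leases_text):
        assigned = admin_names.get(mac)  # admin-assigned name wins over the client's
        name = assigned or client_name
        if not name or not LABEL.match(name):
            skipped.append((ip, mac, "invalid or missing hostname"))
        elif not assigned and name.lower() in reserved:
            skipped.append((ip, mac, "client claimed reserved name"))
        elif name.lower() in used:
            skipped.append((ip, mac, "duplicate hostname"))
        else:
            used.add(name.lower())
            fqdn = f"{name}.{domain}"
            lines.append(f'local-data: "{fqdn} IN A {ip}"')
            lines.append(f'local-data-ptr: "{ip} {fqdn}"')
    return lines, skipped


if __name__ == "__main__":
    # Hypothetical MAC -> name map: the thread's Windows box is renamed "testname".
    names = {"00:13:3b:2f:67:62": "testname"}
    out, dropped = build_records(SAMPLE_LEASES, names, "local.lan", reserved={"sg4860"})
    print("\n".join(out))
    for entry in dropped:
        print("# skipped:", entry)
```

The sketch only produces the text; writing it into the resolver's include file and reloading the resolver are left out, and the reload cost mentioned in the post above still applies.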
-
You might be able to do this with this statement
The use-host-decl-names statement

    use-host-decl-names flag;

If the use-host-decl-names parameter is true in a given scope, then for every host declaration within that scope, the name provided for the host declaration will be supplied to the client as its hostname. So, for example,

    group {
      use-host-decl-names on;

      host joe {
        hardware ethernet 08:00:2b:4c:29:32;
        fixed-address joe.example.com;
      }
    }

is equivalent to

    host joe {
      hardware ethernet 08:00:2b:4c:29:32;
      fixed-address joe.example.com;
      option host-name "joe";
    }

Additionally, enabling use-host-decl-names instructs the server to use the host declaration name in the forward DNS name, if no other values are available. This value selection process is discussed in more detail under DNS updates. An option host-name statement within a host declaration will override the use of the name in the host declaration. It should be noted here that most DHCP clients completely ignore the host-name option sent by the DHCP server, and there is no way to configure them not to do this. So you generally have a choice of either not having any hostname to client IP address mapping that the client will recognize, or doing DNS updates. It is beyond the scope of this document to describe how to make this determination.
But this cannot be done currently without a major hack to the dhcpd.conf file.. It's possible to do some custom options in this file... But pfsense creates the files from info in the xml, etc. So it's not just click click.
And I understand what you're saying - I just don't get the actual use case... I just don't. If you're going to go to the trouble of creating a reservation.. Just freaking put in an IP and all of your problems go away!! You get exactly what you're asking
deviceABC4762X will resolve via customname.yourdomain.xyz...
It's like you're causing your own pain because for some odd reason you can not take .2 seconds to put in IP address 1.2.3.X when you create the reservation.
-
Thank you, I'll check your script. At least somebody is answering to the topic, cool!
Everyone has different needs; when refactoring the net, you have 2secs-times-n, where n can be around 100 also on a small home LAN. When somebody doesn't need the IP, only the name, it's a valid need, regardless if some folks think it's useless or stupid.
To have a name without an IP makes perfect sense for me and many others, as there are other routers doing exactly this. pfSense is much better than most of them, that's why I was expecting such an elementary use-case to be supported.
I wouldn't have written so much here, but could not believe it's not supported. Maybe this helps somebody else one day, as it helped me.
Thank you ;-)!
-
Yeah unless you write this code yourself or place a bounty for it to happen... I don't think this is ever going to happen.. There are a bajillion better things the devs could be doing - like changing ui to a cooler looking font... Which would find 10000X more interest from their user base than like the 2 people that might want such a feature ;)
You have the time to create a reservation for client and put in the NAME and the mac but not the IP? I don't care if you have a 1000's freaking clients..
You know you could just load this in from a file right? You don't have to do it all by hand in the gui.
I can load 1000's reservations via an xml restore in couple of seconds... Vs all this nonsense of just put in reservation without the IP.
And then on the other end - if you have 1000 freaking clients if they get an IP who freaking cares if their name is deviceXZY or YourName, etc.
-
Not expecting any replies here since the topic is quite old. But the @hova request/question is far from being "stupid". I'm sure there're lots of folks who would like to just change the device name w/o worrying about the IP, me included. The fact that this feature functions properly in many other routers also proves that it's not "stupid" and there are legit use cases for it.
Now, saying "it works JUST fine" is not being completely honest. What is the expected behavior when adding static lease record without an IP in the UI? Any sane person would expect this MAC<->NAME mapping to just work, and if it doesn't work this way then you should always force the user to provide a static IP address and not allow adding static mappings without it, period! It's better than seeing two records in the leases - what's the meaning of this:
It's clear that there's a "freaking" problem that needs addressing.
-
Use case:
I want to set up rules in the firewall by using aliases like groups. I set up dhcp statics with MAC and hostnames, without IP because I don't care about IP number. I use those hostnames in the aliases and not the real hostname because that way I don't need to be worried about the hostname in case of OS re-installation, for example. That should work, and doesn't.
-
Totally agree with @mimino and @hova. I think there are plenty of people who would want to use static mappings to override the hostname and maybe add a Description. As mimino said, the IP is OPTIONAL in the static mapping UI and in the docs it says "The IP address field may be left blank to have the client pull its address from a pool." Why? If static mappings are useless without the IP, why not make the field required?
My home network has tons of IOT devices with absolutely useless hostnames or no name at all in some cases. Use Case: When I look at the Status > DHCP Leases page, hostnames that actually help me identify the device would be helpful. At the same time I do not care what IP the DHCP server gives to that client. Isn't not worrying about IPs why we all love DHCP?
If I have to provide an IP to make this work, fine. But it's certainly not an unreasonable or baffling request, especially considering the static mapping UI.
-
Adding my voice to this request. I’m in a lab where we test hundreds of consumer networked devices. Having the ability to access the devices by name via MAC to Hostname mapping without having to worry about static IP allocation was apparently something I took for granted before switching to PFSense. Loving everything else about the switch to PFS, but this is a big deal for us.
-
@jjiburg said in DHCP not registering hostnames in DNS:
Having the ability to access the devices by name via MAC to Hostname mapping without having to worry about static IP allocation
I still don't get this - put in an IP.. You already put in the name and mac - so put in an IP.. just put them in order when you load the xml
hostA aa:bb:cc 192.168.1.10
hostb dd:ee:ff 192.168.1.11
etc. etc..
You stated yourself you don't care what the IP is, so don't care, just fill it out in sequence...