DHCP not registering hostnames in DNS
-
Ok, that makes sense to me, how you described it, i.e. I must set also the IP address, not only the MAC + host-name, in the DHCP reservation, so that host-name from the reservation will be used - otherwise, the DHCP-client's internal/random host-name will be used.
What I wanted: I don't care nor like to manage the IP addresses for a lot of known MAC-addresses on my LAN (like mobile phones for example), but I would like anyway to give them some nice host-names, centrally, like "phone-andy". I understand such clients like "these are not servers, don't bother with their current IP, but I can ping/reach them by a nice host-name"
Like it's designed, I have only these 2 options:
- To have a nice host-name as "phone-andy" being registered, I must reserve a concrete IP for its MAC
- Otherwise, the phone's internal host-name (like empty-string, or "Motorola3455.AA") will be taken, although the phone's MAC is known and has set a custom host-name in the DHCP reservation.
Is it like that? Thank you ;-)!
-
@hova said in DHCP not registering hostnames in DNS:
I must reserve a concrete IP for its MAC
When setting up a static DHCP, you will see :
To identify a device (host) you have to copy over the MAC.
-
Yes, of course I must put inside that MAC ;-)! But I do not want to define also the IP address - I want it to be assigned randomly from the pool, what is also working fine, with the only problem, that such dynamically assigned DHCP-client will not be entered into the DNS with the host-name as entered in this reservation, but with the DHCP-client's own/internal host-name, which is entered into the device itself.
I'm not sure you understand my problem; everything is working fine, but the host-name from my DHCP-reservation is only then used, when I also define a static IP address in the DHCP-reservation, i.e. the MAC+host-name is not enough, I must enter also an IP, which I don't want in some cases (like mobile-phones in my LAN etc.)
-
I do understand ^^
I guess it boils down to : no IP means : the self defined host-name will not be taken into account.
If you want to supply a host name, then at least a client identifier (like a MAC) and an IPv4 must be present.
I consulted :
ISC dhcp man pages
The initial RFC 1531 and RFC 2131
-
How can you create a dns record if there is NO IP? When the client gets an IP it will also give its own name..
For you to do what you want the dhcp server would have to ignore the supplied hosts name, and use the one in the lease. I do not think that is possible.
And to be honest I do not understand the use case at all. If you're going to take the time to give a device a name, why not just also give it an IP. This way you know for sure 2 things about the device - its NAME, and the IP..
Just makes no sense to me what you're asking for - please give an example of how this use case makes any sense.
Let's say I have some device with some odd name like deviceABC472 or something.. And you want to call it deviceX.. Ok then create a static lease for its mac, with name deviceX, AND!!! IP address 1.2.3.4
Now you have a dns record that points devicex.yourdomain.tld to 1.2.3.4, and can look up PTR for 1.2.3.4 that says deviceX.yourdomain.tld.. And even if dns fails you still will KNOW that your device is at 1.2.3.4
So you can easily create firewall rules on this IP... It takes all of .2 seconds when you're creating the reservation to give it an IP as well at that time.. Now you're done - it will have your name deviceX and an IP - and dns will reflect this.
-
Yes, I understand it now, thank you. Anyway, I see technically no problem with taking the host-name from the reservation into the DNS: the client gets its IP from the pool, the server realizes it and inserts/replaces (whatever the timing is) the client's name with that one from the reservation.
Why this makes sense?
- Because you can look into your DHCP-leases and see hundreds of devices, once, and not twice (once comes the internal device's name, once that from the known MAC with the preset name, which is ignored without setting the IP manually)
- Because you can telnet/ping/whatever those machines by their names, ignoring the IPs: say in your Synology Surveillance Station, you can enter the camera's FQDN instead of the IP
- Because you don't have to "count +1" IP addresses manually: when a camera reboots, it doesn't matter it gets possibly another IP; it goes online in the surveillance SW thanks to its name
- Because when you decide to refactor your LAN (say VLANs, subnets..), you don't have to go through all those devices once again and count again "+1" all these - just redesign the DHCP pool and good is.
Of course, I would not rely on this for stuff like pfSense itself, or NAS, or some VM boxes running as servers; but with the most devices I run (cameras, mobiles..) I would prefer to ignore their IP addresses - those seldom hassles not being able to reach them are much outweighed by not being forced to provide manually IP addresses.
I would not like to block unknown MAC at home - but also I like to see all those unknown devices, which are not pre-configured yet; so when somebody/something new enters my LAN, I can see it, visually, when I care.
I see no technical problem implementing this - the server knows the MAC, it assigns the pre-defined host-name and ignores that in the device. And it enters this record into the DNS.
We are not talking about an enterprise security level, I'm talking about those zillions of folks running pfSense also at their homes, having tons of devices, wanting to have them simply handled/named. Some "opt-in" feature in the DNS resolver or DHCP for that matter.
It would help me, YMMV of course; but it was one of the most obvious things I've expected from pfSense when installed at home. In TomatoVPN/ddwrt, this is a no-brainer - it just works, without forcing me to enter the static IP addresses.
-
Again it works JUST fine - you can create reservation for mac and let it pull from the pool.. Just again seems to be stupid... You don't need to create reservation if all you want it to do is pull from the pool.
The only time this makes sense is if you're wanting to lock down your dhcp to not hand out IPs unless there is a reservation.
Where are you seeing hundreds of devices in the dhcp lease table? Maybe that is your problem you're trying to solve with some nonsense?? If your device is pulling multiple leases then you have something wrong!! A device will either get a lease, renew the lease.. Why would it get multiple leases? Unless its mac changed or it changed to a different network?
Let's see these multiple leases for the same mac, etc. with different names on them..
You would have to look to the rfc and the actual details of the dhcpd on how you can tell it to ignore the name of the device when it hands out the lease, and use the name you put in the reservation for dns, etc.
Maybe the option
Ignore client identifiers
If a client includes a unique identifier in its DHCP request, that UID will not be recorded in its lease. This option may be useful when a client can dual boot using different client identifiers but the same hardware (MAC) address. Note that the resulting server behavior violates the official DHCP specification.
Will do what you want? But I am still not understanding your use case for this feature.. If you have multiple leases by the same device with multiple names and IPs then you have something wrong.. The correct thing to do is not try and override the problem with some sort of odd setup... But to understand why the issue is happening in the first place and correct it.
-
I think I still was not able to explain it - I try to name a device with a known MAC - without being forced to reserve a fix IP for it.
When I don't put an IP beside a MAC in the reservations, I see this MAC-item/row twice in the current DHCP leases/status: once as I've set it in the reservations and once as it got the IP with the device's internal host-name.
This is a very basic elementary use-case, which works even in products like ddwrt/Tomato etc. - you assign a host-name to a MAC-address, that's it.
Thank you for being patient with me ;-)!
-
@hova said in DHCP not registering hostnames in DNS:
I think I still was not able to explain it - I try to name a device with a known MAC - without being forced to reserve a fix IP for it.
Which is rather pointless.
This is a very basic elementary use-case, which works even in products like ddwrt/Tomato etc. - you assign a host-name to a MAC-address, that's it.
Those two use dnsmasq for both DNS and DHCP, in that case dnsmasq is doing this internally.
In pfSense dhcp and dns are handled by individual daemons, so you would need an additional communication layer between them. This adds more complexity, may require upstream code changes and might introduce additional bugs.
Even the currently implemented option to register dynamic leases in the Resolver has the drawback that every time a lease is created/updated unbound has to restart, which empties the DNS cache and can in combination with pfBlockerNG and big DNSBL lists cause DNS outages for a few seconds.
IMO any further discussion of that topic here is rather pointless, you have the following options:
- Create a feature request on redmine. Then you'll see if, and with what priority, the developers are interested in such an option.
- Add IPs to your static leases and be done with it.
- Don't use pfSense for DNS and DHCP, instead use an additional host for that. Pi-Hole for example uses dnsmasq so check whether it can also be used as a DHCP server.
- Don't use pfSense at all and go back to dd-wrt or tomato.
-
You might be able to do this with this statement
The use-host-decl-names statement

    use-host-decl-names flag;

If the use-host-decl-names parameter is true in a given scope, then for every host declaration within that scope, the name provided for the host declaration will be supplied to the client as its hostname. So, for example,

    group {
      use-host-decl-names on;
      host joe {
        hardware ethernet 08:00:2b:4c:29:32;
        fixed-address joe.example.com;
      }
    }

is equivalent to

    host joe {
      hardware ethernet 08:00:2b:4c:29:32;
      fixed-address joe.example.com;
      option host-name "joe";
    }

Additionally, enabling use-host-decl-names instructs the server to use the host declaration name in the forward DNS name, if no other values are available. This value selection process is discussed in more detail under DNS updates. An option host-name statement within a host declaration will override the use of the name in the host declaration. It should be noted here that most DHCP clients completely ignore the host-name option sent by the DHCP server, and there is no way to configure them not to do this. So you generally have a choice of either not having any hostname to client IP address mapping that the client will recognize, or doing DNS updates. It is beyond the scope of this document to describe how to make this determination.
But this is not able to do currently without major hack to the dhcpd.conf file.. It's possible to do some custom options in this file... But pfsense creates the files from info in the xml, etc. So it's not just click click.
And I understand what you're saying - I just don't get the actual use case... I just don't. If you're going to go to the trouble of creating a reservation.. Just freaking put in an IP and all of your problems go away!! You get exactly what you're asking
deviceABC4762X will resolve via customname.yourdomain.xyz...
It's like you're causing your own pain because for some odd reason you can not take .2 seconds to put in IP address 1.2.3.X when you create the reservation.
-
Thank you, I'll check your script. At least somebody is answering to the topic, cool!
Everyone has different needs; when refactoring the net, you have 2secs-times-n, where n can be around 100 also on a small home LAN. When somebody doesn't need the IP, only the name, it's a valid need, regardless if some folks think it's useless or stupid.
To have a name without an IP makes perfect sense for me and many others, as there are other routers doing exactly this. pfSense is much better than most of them, that's why I was expecting such an elementary use-case to be supported.
I wouldn't have written so much here, but could not believe it's not supported. Maybe this helps somebody else one day, as it helped me.
Thank you ;-)!
-
Yeah unless you write this code yourself or place a bounty for it to happen... I don't think this is ever going to happen.. There are a bajillion better things the devs could be doing - like changing ui to a cooler looking font... Which would find 10000X more interest from their user base than like the 2 people that might want such a feature ;)
You have the time to create a reservation for client and put in the NAME and the mac but not the IP? I don't care if you have a 1000's freaking clients..
You know you could just load this in from a file right? You don't have to do it all by hand in the gui.
I can load 1000's reservations via an xml restore in couple of seconds... Vs all this nonsense of just put in reservation without the IP. And then on the other end - if you have 1000 freaking clients if they get an IP who freaking cares if their name is deviceXZY or YourName, etc.
-
Not expecting any replies here since the topic is quite old. But the @hova request/question is far from being "stupid". I'm sure there're lots of folks who would like to just change the device name w/o worrying about the IP, me included. The fact that this feature functions properly in many other routers also proves that it's not "stupid" and there are legit use cases for it.
Now, saying "it works JUST fine" is not being completely honest. What is the expected behavior when adding static lease record without an IP in the UI? Any sane person would expect this MAC<->NAME mapping to just work, and if it doesn't work this way then you should always force the user to provide a static IP address and not allow adding static mappings without it, period! It's better than seeing two records in the leases - what's the meaning of this:
It's clear that there's a "freaking" problem that needs addressing.
-
Use case:
I want to set up rules in the firewall by using aliases like groups. I set up dhcp statics with MAC and hostnames, without IP cause I don't care about IP number. I use those hostnames in the aliases and not the real hostname cause that way I don't need to be worried about the hostname in case of OS re-installation -for example-. That should work, and doesn't.
-
Totally agree with @mimino and @hova. I think there are plenty of people who would want to use static mappings to override the hostname and maybe add a Description. As mimino said, the IP is OPTIONAL in the static mapping UI and in the docs it says "The IP address field may be left blank to have the client pull its address from a pool." Why? If static mappings are useless without the IP, why not make the field required?
My home network has tons of IOT devices with absolutely useless hostnames or no name at all in some cases. Use Case: When I look at the Status > DHCP Leases page, hostnames that actually help me identify the device would be helpful. At the same time I do not care what IP the DHCP server gives to that client. Isn't not worrying about IPs why we all love DHCP?
If I have to provide an IP to make this work, fine. But it's certainly not an unreasonable or baffling request, especially considering the static mapping UI.
-
Adding my voice to this request. I’m in a lab where we test hundreds of consumer networked devices. Having the ability to access the devices by name via MAC to Hostname mapping without having to worry about static IP allocation was apparently something I took for granted before switching to PFSense. Loving everything else about the switch to PFS, but this is a big deal for us.
-
@jjiburg said in DHCP not registering hostnames in DNS:
Having the ability to access the devices by name via MAC to Hostname mapping without having to worry about static IP allocation
I still don't get this - put in an IP.. You've already put in the name and mac - so put in an IP.. just put them in order when you load the xml
hostA aa:bb:cc 192.168.1.10
hostb dd:ee:ff 192.168.1.11
etc. etc..
You stated yourself you don't care what the IP is, so don't care, just fill it out in sequence...
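Added example, not part of the post above and not pfSense code: one way to do the "fill it out in sequence" step from a name/MAC inventory, skipping the dynamic pool and rejecting duplicate or malformed entries before anything is restored. The function names, the sample devices and the `<staticmap>`/`<mac>`/`<ipaddr>`/`<hostname>` element layout are assumptions; compare the output against a config exported from your own firewall before loading it.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")
HOST_RE = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")  # single DNS label


def assign_reservations(devices, subnet, first_ip, pool_start, pool_end):
    """Give each (hostname, mac) pair the next free address in sequence.

    Addresses inside the dynamic pool are skipped so a reservation can never
    collide with a dynamic lease. Raises ValueError on bad or duplicate input.
    """
    net = ipaddress.ip_network(subnet)
    pool_lo, pool_hi = ipaddress.ip_address(pool_start), ipaddress.ip_address(pool_end)
    ip = ipaddress.ip_address(first_ip)
    seen, rows = set(), []
    for name, mac in devices:
        name, mac = name.strip().lower(), mac.strip().lower().replace("-", ":")
        if not HOST_RE.match(name):
            raise ValueError(f"invalid hostname: {name!r}")
        if not MAC_RE.match(mac):
            raise ValueError(f"invalid MAC: {mac!r}")
        if name in seen or mac in seen:
            raise ValueError(f"duplicate entry: {name} / {mac}")
        seen.update((name, mac))
        if pool_lo <= ip <= pool_hi:      # jump over the dynamic range
            ip = pool_hi + 1
        if ip not in net or ip in (net.network_address, net.broadcast_address):
            raise ValueError(f"no usable address left in {net} for {name}")
        rows.append((name, mac, str(ip)))
        ip += 1
    return rows


def to_staticmap_xml(rows):
    """Render rows as <staticmap> elements (assumed config.xml layout)."""
    parts = []
    for name, mac, ip in rows:
        sm = ET.Element("staticmap")
        for tag, value in (("mac", mac), ("ipaddr", ip), ("hostname", name)):
            ET.SubElement(sm, tag).text = value
        parts.append(ET.tostring(sm, encoding="unicode"))
    return "\n".join(parts)


# Constructed sample inventory: names and MACs are made up.
DEVICES = [("phone-andy", "AA:BB:CC:00:00:01"),
           ("cam-door", "aa-bb-cc-00-00-02"),
           ("cam-yard", "aa:bb:cc:00:00:03")]

if __name__ == "__main__":
    rows = assign_reservations(DEVICES, "192.168.1.0/24", "192.168.1.98",
                               "192.168.1.100", "192.168.1.199")
    print(to_staticmap_xml(rows))
```

Because every name ends up with a fixed address, firewall aliases and rules keyed on these hosts keep pointing at the same device after a reboot or lease expiry.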
-
@johnpoz Who said anything about creating and loading XML?
-
The first part of this thread! How else are you going to load in the hostnames you want to put in.
You can for sure put in rules based upon name, but they need to be able to resolve.. So they have to register their names, etc. etc.. So you need to know what the name is, ie a reservation..
edit: lay out exactly the scenario you want... So there are 100's or 1000's of devices you're testing.. And you want to access them by name.. So have them register their names.. If you don't like the names they register and you want to give them names like hostA, hostB, hostC, etc. etc.. To do that you need to have a way to know which device to give hostA.. so you know that by mac? So then just give it an IP as well..
I am really having a problem understanding the use case here.. You can load in 1000's of reservations in like 10 seconds with xml load.. If you explain exactly what you want we can discuss ways to accomplish that... To be honest, maybe the best way to accomplish that is run your dhcp and dns on something other than your edge firewall/router.. When you need to do fancy shit with dhcp and dns - it moves away from just something you run on this device because you have it there.. Pfsense can not be all things to all people that does everything in every possible use case.. That is not what it's meant to be ;) Nothing can be that to be honest..
That is why there are multiple dns options, multiple dhcpd options, etc.. Running dns and dhcp on pfsense is really just hey if you have these basic requirements (which really are not all that basic - the implementations are very robust).. You can do that sure.. But when you need something else you might need to run a different system to do that.
-
@hova said in DHCP not registering hostnames in DNS:
could not believe it's not supported. Maybe this helps somebody else one day, as it helped me.
Could not agree with you more. I am baffled by the hostility of the expert responses above. It's exactly the kind of attitude that makes otherwise great FOSS products fail in the long run, because someone else will create an equivalent product and be delighted that people want to use it and respond positively to requests for help and features!