how to resolve local hostname to ip in pfSense
-
A simple question: in pfSense, how do I resolve a local hostname to an IP in the LAN?
Our DHCP server is not running in pfSense; it is running on another machine inside the LAN. We use the DNS forwarder in pfSense. The hostnames in our LAN are like machine1, machine2, ... The pfSense machine is our gateway machine and DNS server. How can I set up pfSense so that users on any machine in our LAN can do: "ping machine1"?
Thanks for any suggestions.
-
If you're forwarding the other DNS, you should still be able to provide host names for your LAN. However, if the devices use DHCP, you'll want to configure the DHCP server to provide host overrides.
-
Thanks, JKnott. My DHCP server is not on the pfSense machine; it is on another, non-pfSense machine. The first DNS server in my LAN is the pfSense machine (i.e. our gateway).
How can I make it so our LAN users can resolve any LAN hostname to a LAN IP? What changes should I make in pfSense?
-
Creating a DNS entry for a specific IP address is easy. Your problem is that without a host override on the DHCP server, the address may change.
I use host overrides for all DHCP devices on my network, which maps a specific address to the device MAC address. This means the IP address will not change. If I didn't use the override, then the address could change and I'd then have to change the DNS.
-
Thanks, JKnott.
Would you please let me know how to create a DNS entry for a specific IP, and how to set a host override? Our pfSense uses the DNS forwarder, and our DHCP server is on another machine. On the pfSense machine, the host overrides in the DNS forwarder settings page require a domain to be entered. That is, host overrides in pfSense have to be something like:
hostname.domainname to an IP.
But I want to have:
hostname to an IP. Say my hostname is host1, and its IP is 192.168.0.1. I want to have a pair: (host1, 192.168.0.1). But pfSense only lets me have a pair: (host1.domain.local, 192.168.0.1)
Please advise further. Thanks.
-
You can go to the Forwarder page in pfSense and at the bottom you'll find Host Overrides. You just create an entry for the IP address and host name. You can do the address mapping on the DHCP server page, but I thought you were using a different DHCP server. Can you set up the mappings on it? It should have something similar to what's in pfSense.
-
Also, with some DHCP servers, such as pfSense, you can use the DHCP server to provide the host name to the DNS server, in which case you don't have to worry about the address changing. However, without knowing more about what you have, I can't offer more advice.
-
Thanks, JKnott. I cannot set this in the pfSense DHCP page because my DHCP is not in pfSense.
"You can go to the Forwarder page in pfSense and at the bottom you'll find Host Overrides." I tried this page too, but it needs hostname plus domain name. It cannot be set as hostname only.
I don't know how to bypass it without entering a domain name. Hoping for more help.
-
You just use whatever domain name is used on your network. Do you not know what the domain name is?
-
"You just use whatever domain name is used on your network."
Then we have to write the full name, like host1.company.com. For example:
"# ping host1.company.com" works.
"# ping host1" does not work.
But in LAN, we want to use hostname only, not full name.
-
@caigeliu said in how to resolve local hostname to ip in pfSense:
But in LAN, we want to use hostname only, not full name.
With a DNS server either will work. He wants to use whatever domain name is used on that network.
-
Usually, if we edit /etc/hosts of pfSense with a line like "10.0.10.253 host1 host1.mydomain.com", we can "ping host1" from any machine in our LAN, because pfSense is the gateway and DNS forwarder of our LAN. But in my case I cannot "ping host1".
Can anyone give me suggestions on how to make records in /etc/hosts of pfSense work for any of our LAN machines?
-
@caigeliu said in how to resolve local hostname to ip in pfSense:
Can anyone give me suggestions on how to make records in /etc/hosts of pfSense work for any of our LAN machines?
I thought you said you had a forwarder on pfSense. If so, and you're using it for your DNS, it should happen automatically.
-
The problem is that my pfSense DNS forwarder doesn't read /etc/hosts of pfSense, and we cannot "ping host1" from our LAN.
How can I make the records in /etc/hosts in pfSense be used by the pfSense DNS forwarder?
-
It should. When you set up the DNS records, they get saved in /etc/hosts. Are you using pfSense as your DNS server?
-
@caigeliu said in how to resolve local hostname to ip in pfSense:
The problem is that my pfSense DNS forwarder doesn't read /etc/hosts of pfSense, and we cannot "ping host1" from our LAN.
How can I make the records in /etc/hosts in pfSense be used by the pfSense DNS forwarder?
You need to create host overrides within the DNS Resolver used by pfSense. That program is unbound, but you configure it under SERVICES > DNS RESOLVER.
You can use unbound in either resolver or forwarder mode, but resolver mode is how it works out-of-the-box and is the recommended way of using it.
If you are using the old DNS Forwarder (actually dnsmasq), then you configure that under SERVICES > DNS FORWARDER. That component is now disabled in the default out-of-the-box configuration.
-
@JKnott said in how to resolve local hostname to ip in pfSense:
It should. When you set up the DNS records, they get saved in /etc/hosts. Are you using pfSense as your DNS server?
@JKnott, I believe that unbound now runs in a type of chroot jail under /var/ and has its own local /etc/hosts structure independent of the system path. Configuration information from the GUI config.xml file is used to create the files in the chroot jail.
-
Either way, if you create the DNS records, they should be available to every device using the DNS server.
I hope you didn't directly edit the hosts file, instead of doing it in the GUI.
-
@JKnott said in how to resolve local hostname to ip in pfSense:
I hope you didn't directly edit the hosts file, instead of doing it in the GUI.
Sounds like he was directly editing the /etc/hosts file. That will work for DNS lookups on the local firewall (although it is still bad practice), but external clients asking a DNS server on the firewall for addresses won't get those host entries. They will instead get whatever the DNS server has in its own internal databases.
-
Thanks to both JKnott and bmeeks.
We use the DNS forwarder in pfSense, not the DNS resolver. I edited /etc/hosts in pfSense and added a record like "10.0.10.251 host1 host1.mydomain.com". The pfSense machine is our LAN DNS server. We cannot make "# ping host1" work in our LAN.
Maybe I have to switch to the DNS resolver?