Netgate Discussion Forum

    DNS static mappings and overrides conflict

    DHCP and DNS

    • netnewb

      I've just updated to 2.3.3 from 2.3.2 and I've noticed that DHCP static mappings are resolved before host overrides.

      • I have an apache proxy server with several host overrides pointing to it (i.e.) [site1].[owndomain].net .

      • the proxy connects to several webservers on the same VLAN

      • In pfSense I've set [owndomain].net as domain name

      • In the DHCP server, I've set the webservers' hostnames in the form of [site1] , etc

      • and the same hostnames are in the DNS Unbound server "Host Overrides"

      When I try to connect to [site1].[owndomain].net , the firewall logs show that I'm trying to connect to the IPs registered in DHCP. The firewall blocks them so after a while they are connecting to the apache proxy IP.

      Either this didn't happen in 2.3.2, or Windows and Mac were using the DNS cache for a long time and I didn't notice. But I think it's the former.

      • johnpoz LAYER 8 Global Moderator

        So let me get this right.. you have a dhcp reservation and set to register this in your resolver..

        So site1.owndomain.net is like 192.168.1.100

        And then you did a host override and set site1.owndomain.net to 192.168.1.101 or something.. And you're confused as to why you're resolving .100 vs .101???

        How exactly do you think this would work??  It's going to return both entries – see test I did.. I have register static dhcp for my workstation i5-win, ie then put in a host override for a different IP 10.10.10.10 - they both get returned when I query for that A record.

        The best you could hope for would be a round robin where they get returned in different order on a different query.. You really shouldn't have 2 entries for the same fqdn return different IPs if only 1 of those IPs is going to answer what you're going to ask it for..

        [Image: returnsboth.png]

          • netnewb

          @johnpoz:

          And you're confused as to why you're resolving .100 vs .101???

          It was more of an observation. I didn't notice they have the same entry in DHCP mappings and DNS host overrides until I updated pfSense and they stopped working right.

          In DNS Forwarder (I'm using resolver) there is a checkbox to resolve DHCP mappings first, so I assume the reverse applies: if there's the same entry in DNS Forwarder as in DHCP, the host override takes precedence.

          But, again, for me it's not a problem, it was something I noticed.
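
Added example, not part of the thread or any poster's code: the posts above describe one FQDN carrying two A records (a registered DHCP static mapping plus a host override), both of which the resolver returns. This Python sketch scans Unbound `local-data` lines for names that map to more than one distinct IPv4 address; the function name and the sample config text are constructed for illustration, reusing the hostname and addresses mentioned in the thread.

```python
import re
from collections import defaultdict

# Matches Unbound local-data A records such as:
#   local-data: "site1.owndomain.net. A 192.168.1.100"
# An optional TTL and class (IN) between the name and the type are tolerated.
# "local-data-ptr:" lines and AAAA records do not match.
LOCAL_DATA_A = re.compile(
    r'^\s*local-data:\s*"(?P<name>\S+)\s+(?:\d+\s+)?(?:IN\s+)?A\s+'
    r'(?P<ip>\d{1,3}(?:\.\d{1,3}){3})"',
    re.IGNORECASE,
)


def find_conflicts(config_text):
    """Return {fqdn: [ips]} for every name with more than one distinct A record."""
    records = defaultdict(set)
    for line in config_text.splitlines():
        line = line.split("#", 1)[0]  # drop trailing comments
        match = LOCAL_DATA_A.match(line)
        if match:
            # DNS names are case-insensitive; the trailing root dot is optional.
            name = match.group("name").rstrip(".").lower()
            records[name].add(match.group("ip"))
    return {
        name: sorted(ips, key=lambda ip: tuple(int(o) for o in ip.split(".")))
        for name, ips in records.items()
        if len(ips) > 1
    }


# Constructed sample: site1 appears once as a DHCP static mapping (.100)
# and once as a host override (.101); site2 is listed twice with the same IP.
SAMPLE = """
local-data-ptr: "192.168.1.100 site1.owndomain.net"
local-data: "site1.owndomain.net. A 192.168.1.100"   # DHCP static mapping
local-data: "site1.owndomain.net. A 192.168.1.101"   # host override
local-data: "Site2.owndomain.net A 192.168.1.102"
local-data: "site2.owndomain.net. IN A 192.168.1.102"
"""

if __name__ == "__main__":
    for fqdn, ips in find_conflicts(SAMPLE).items():
        print(f"{fqdn} resolves to multiple addresses: {', '.join(ips)}")
```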
