Why is the DNS entry for pfsense the lan interface?
-
I have multiple "LAN" interfaces, all on different subnets. I have Unbound running on all of them. When I execute a dig or nslookup, The DNS server which responded is the IP of the interface which the machine is connected to, which is what I expect.
However, the DNS entry of pfsense is the IP address of pfsense on the LAN interface, which is not what I expect. My expectation is that I'm responded to with the IP of the router on whatever interface I'm connected to.
e.g.
router name: pfsense.myweb.com
LAN- 192.168.1.1
OPT1 - 192.168.2.1On client connected to LAN:
nslookup pfsense.myweb.com
Server: 192.168.1.1
Address: 192.168.1.1#53Name: pfsense.myweb.com
Address: 192.168.1.1On client connected to OPT1:
nslookup pfsense.myweb.com
Server: 192.168.2.1
Address: 192.168.2.1#53Name: pfsense.myweb.com
Address: 192.168.2.1Have I goofed up the config somewhere or is this just wishful thinking? :)
I guess the DNS record would be kind of "dynamic" based on where the request is coming from, not sure if that is possible. -
doesn't work that way.. its a dns query for the specific FQDN pfsense.myweb.com
What you can do is create host overrrides for subdomain or different fqdn… So for example I have
pfsense.local.lan is my lan IP.
pfsense.wlan.local.lan for my wlan interface
pfsense.dmz.local.lan for my dmz interface
etc. etc..You could create views in unbound now to do what you want though.. But can not do it in the gui as of yet. With a view you could do what you want... I went over it here
https://forum.pfsense.org/index.php?topic=126740.msg699877#msg699877 -
You could create views in unbound now to do what you want though.. But can not do it in the gui as of yet. With a view you could do what you want… I went over it here
https://forum.pfsense.org/index.php?topic=126740.msg699877#msg699877Opened a feature request for tracking here: https://redmine.pfsense.org/issues/7852
-
Thanks dok.. A gui way to do this would be nice addition for sure..
-
Thanks both! This makes sense… will give it a whirl.
Would be great if that feature would include an option (default?) to automatically add views for resolving the pfsense's fqdn to the interface which the query is coming in on.