    PfSense serving old DNS records - DNS Resolver / unbound

      roderick1st

      Hi,

      I am having an issue where pfSense is serving up old statically set DNS records. I'm using DNS Resolver (unbound).

      I had a Host Override set as hass.test.local -> 192.168.5.50

      I then changed the Host Override to hass.test.local -> 192.168.5.52 (server IP had changed as I was moving the service to a different server).

      When I clear the DNS cache on my Windows machine I now get served the old IP and the new IP, with the old being at the top of the list.

      nslookup hass.test.local
      Server : gateway.test.local
      Address: 192.168.1.1
      
      Name: hass.test.local
      Address: 192.168.5.50
            192.168.5.52
      

      If I run dig on the pfSense box I get both IP addresses returned.

      
      dig hass.test.local
      
      ; <<>> DiG 9.11.2 <<>> hass.test.local
      ;; global options: +cmd
      ;; Got answer:
      ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65408
      ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
      
      ;; OPT PSEUDOSECTION:
      ; EDNS: version: 0, flags:; udp: 4096
      ;; QUESTION SECTION:
      ;hass.test.local.      IN      A
      
      ;; ANSWER SECTION:
      hass.test.local. 3600  IN      A       192.168.5.50
      hass.test.local. 3600  IN      A       192.168.5.52
      
      ;; Query time: 0 msec
      ;; SERVER: 127.0.0.1#53(127.0.0.1)
      ;; WHEN: Sat Mar 03 23:41:17 UTC 2018
      ;; MSG SIZE  rcvd: 85
      
      

      I have restarted unbound.

      I have flushed the cache

      unbound-control -c /var/unbound/unbound.conf flush_zone test.local
      

      I can't find any reference to hass in the cache

      unbound-control -c /var/unbound/unbound.conf dump_cache | grep test.local
      

      Any suggestions on how to remove the old IP and stop it being served out to clients?

        roderick1st

        I have found a fix but I'm not sure if this is a bug or general unbound behaviour.

        To fix:
        I deleted all references to hass.test.local in the Host Overrides section (in the GUI)

        Restarted unbound service (GUI)

        Re-added hass.test.local -> 192.168.5.52 (GUI)

        Reviewing the host_entries.conf file all old hosts were still in the file so I manually removed them with vi leaving only the correct host. (Console)

        Restarted unbound service (GUI)

        Fixed!

        Is there a bug in the Host Overrides sections where old host references are not being deleted?

          roderick1st

          Sorry, answering my own post again but I think I have found the real reason.

          I still had the new server getting an IP address through DHCP and had left it statically assigned an address with the old hostname Hass. I think this must have been registering in unbound.

            johnpoz LAYER 8 Global Moderator

            Yes, a DHCP reservation/static can be set to registered. Doing so and then creating a host override with a different IP would give you 2 IPs for the same host name.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11
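
The cause identified in this thread, two sources publishing an A record for the same name, can be checked for directly in the generated unbound files. The script below is an added example, not part of the original posts or pfSense's own tooling; it assumes the files use unbound's `local-data: "name. A ip"` syntax, and the function name `find_conflicting_a` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report names that have more than one distinct A record
# across unbound local-data files (for instance a host override plus a
# registered DHCP static mapping for the same hostname).

# find_conflicting_a FILE...
# Prints one line per conflicting name: "<name> <ip1> <ip2> ..."
find_conflicting_a() {
    awk '
        # Matches local-data: lines only; local-data-ptr: lines are skipped.
        /^[ \t]*local-data:/ {
            line = $0
            sub(/^[^"]*"/, "", line)   # drop everything up to the opening quote
            sub(/".*$/, "", line)      # drop the closing quote and the rest
            n = split(line, f)
            # Accept "name A ip" as well as "name TTL A ip" / "name IN A ip".
            if (n < 3 || f[n-1] != "A") next
            name = tolower(f[1]); sub(/\.$/, "", name)
            ip = f[n]
            if ((name, ip) in seen) next      # same record listed twice
            seen[name, ip] = 1
            if (count[name]++) { ips[name] = ips[name] " " ip }
            else               { ips[name] = ip }
        }
        END {
            for (name in count)
                if (count[name] > 1) print name, ips[name]
        }
    ' "$@" | sort
}

# Constructed sample input (not taken from a real system): an override and a
# registered static mapping both publish hass.test.local.
sample=$(mktemp)
cat > "$sample" <<'EOF'
local-data-ptr: "192.168.5.50 hass.test.local"
local-data: "hass.test.local. A 192.168.5.50"
local-data: "hass.test.local. A 192.168.5.52"
local-data: "gateway.test.local. A 192.168.1.1"
EOF
find_conflicting_a "$sample"
rm -f "$sample"
```

On a real system, pass the function the generated file or files, such as the host_entries.conf mentioned above, instead of the sample.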
