Unbound not resolving queries for static mappings in DHCP range [SOLVED]
-
Hi all,
I am having a weird issue with one of my PfSense installs.
PfSense version: 2.4.4-RELEASE-p1 (amd64)
Hardware: PC Engines APU2I have a couple of static DHCP mappings configured - some outside the DHCP range with a manually specified IP address, some inside the DHCP range. My PfSense is set up to "Register DHCP static mappings in the DNS Resolver". This works fine for any static mapping with a manually specified IP address (outside DHCP range). However, I keep getting NXDOMAIN-errors when trying to resolve a hostname for a machine with a static mapping within the DHCP range. I have turned all relevant settings off and on again, restarted the respective services, restarted the firewall itself, tested this both on a few clients and the nslookup tool in PfSense - it just won't work. Once I simply add an IP address to the static mapping and apply the changes, the hostname can be resolved instantly.
I have another PfSense box that is configured very, very similarly that resolves queries for hostnames both within and outside the DHCP range without any issues.
Any ideas what I messed up here?
-
Are you testing using short names or are you adding the domain of the firewall on when trying to look them up?
-
@jimp I have tested both, neither works. Both variants work on the other PfSense box I have (same hardware; seemingly identical setup for DHCP and DNS).
-
What do you have in
/var/unbound/dhcpleases_entries.conf? Is thedhcpleasesdaemon running? -
/var/unbound/dhcpleases_entries.conf appears to be empty:
[2.4.4-RELEASE][admin@pfSense.domain]/root: cat /var/unbound/dhcpleases_entries.conf [2.4.4-RELEASE][admin@pfSense.domain]/root:dhcpleases is not running:
[2.4.4-RELEASE][admin@pfSense.domain]/root: ps aux | grep dhcpleases root 53138 0.0 0.1 6564 2464 0 S+ 16:13 0:00.01 grep dhcpleases -
Do you have Register DHCP leases in the DNS Resolver checked under Services > DNS Resolver? It's a separate option from the static mappings checkbox.
-
Register DHCP leases in the DNS Resolver is disabled (on both boxes).
-
You need to have that checked. Otherwise it can't determine the hostname/IP address pairing for dynamic allocations.
-
Ok, thank you very much for your help.
That setting used to be turned on on my other box and the contents of /var/unbound/dhcpleases_entries.conf apparently don't get "flushed" if the setting is disabled. So that box was still able to resolve the hostnames even though the setting had already been turned off.
