Unbound not resolving queries for static mappings in DHCP range [SOLVED]

cetteup

Hi all,

I am having a weird issue with one of my PfSense installs.

PfSense version: 2.4.4-RELEASE-p1 (amd64)
Hardware: PC Engines APU2

I have a couple of static DHCP mappings configured - some outside the DHCP range with a manually specified IP address, some inside the DHCP range. My PfSense is set up to "Register DHCP static mappings in the DNS Resolver". This works fine for any static mapping with a manually specified IP address (outside DHCP range). However, I keep getting NXDOMAIN-errors when trying to resolve a hostname for a machine with a static mapping within the DHCP range. I have turned all relevant settings off and on again, restarted the respective services, restarted the firewall itself, tested this both on a few clients and the nslookup tool in PfSense - it just won't work. Once I simply add an IP address to the static mapping and apply the changes, the hostname can be resolved instantly.

I have another PfSense box that is configured very, very similarly that resolves queries for hostnames both within and outside the DHCP range without any issues.

Any ideas what I messed up here?

jimp

Are you testing using short names or are you adding the domain of the firewall on when trying to look them up?

cetteup

@jimp I have tested both, neither works. Both variants work on the other PfSense box I have (same hardware; seemingly identical setup for DHCP and DNS).

jimp

What do you have in /var/unbound/dhcpleases_entries.conf? Is the dhcpleases daemon running?

cetteup

/var/unbound/dhcpleases_entries.conf appears to be empty:

[2.4.4-RELEASE][admin@pfSense.domain]/root: cat /var/unbound/dhcpleases_entries.conf
[2.4.4-RELEASE][admin@pfSense.domain]/root:

dhcpleases is not running:

[2.4.4-RELEASE][admin@pfSense.domain]/root: ps aux | grep dhcpleases
root    53138   0.0  0.1  6564  2464  0  S+   16:13       0:00.01 grep dhcpleases

jimp

Do you have Register DHCP leases in the DNS Resolver checked under Services > DNS Resolver? It's a separate option from the static mappings checkbox.

cetteup

Register DHCP leases in the DNS Resolver is disabled (on both boxes).

jimp

You need to have that checked. Otherwise it can't determine the hostname/IP address pairing for dynamic allocations.

cetteup

Ok, thank you very much for your help.

That setting used to be turned on on my other box and the contents of /var/unbound/dhcpleases_entries.conf apparently don't get "flushed" if the setting is disabled. So that box was still able to resolve the hostnames even though the setting had already been turned off.

4o4rh

@jimp The "Register DHCP leases in the DNS Resolver" checkbox no longer appears on 24.03 and static DHCP addresses are not being resolved

Gertjan

@4o4rh

4o4rh

@Gertjan you are a devil that only exists with ISC DHCP and not Kea DHCP.
I have reverted back to ISC until the enhancements to Kea are done