4. Unbound not resolving queries for static mappings in DHCP range [SOLVED]

Unbound not resolving queries for static mappings in DHCP range [SOLVED]

  • C

    Hi all,

    I am having a weird issue with one of my PfSense installs.

    PfSense version: 2.4.4-RELEASE-p1 (amd64)
    Hardware: PC Engines APU2

    I have a couple of static DHCP mappings configured - some outside the DHCP range with a manually specified IP address, some inside the DHCP range. My PfSense is set up to "Register DHCP static mappings in the DNS Resolver". This works fine for any static mapping with a manually specified IP address (outside DHCP range). However, I keep getting NXDOMAIN-errors when trying to resolve a hostname for a machine with a static mapping within the DHCP range. I have turned all relevant settings off and on again, restarted the respective services, restarted the firewall itself, tested this both on a few clients and the nslookup tool in PfSense - it just won't work. Once I simply add an IP address to the static mapping and apply the changes, the hostname can be resolved instantly.

    I have another PfSense box that is configured very, very similarly that resolves queries for hostnames both within and outside the DHCP range without any issues.

    Any ideas what I messed up here?

    0
  • Rebel Alliance Developer Netgate

    Are you testing using short names or are you adding the domain of the firewall on when trying to look them up?

    0
    C
     1 Reply
  • C

    @jimp I have tested both, neither works. Both variants work on the other PfSense box I have (same hardware; seemingly identical setup for DHCP and DNS).

    0
  • Rebel Alliance Developer Netgate

    What do you have in /var/unbound/dhcpleases_entries.conf? Is the dhcpleases daemon running?

    0
  • C

    /var/unbound/dhcpleases_entries.conf appears to be empty:

    [2.4.4-RELEASE][admin@pfSense.domain]/root: cat /var/unbound/dhcpleases_entries.conf
[2.4.4-RELEASE][admin@pfSense.domain]/root:

    dhcpleases is not running:

    [2.4.4-RELEASE][admin@pfSense.domain]/root: ps aux | grep dhcpleases
root    53138   0.0  0.1  6564  2464  0  S+   16:13       0:00.01 grep dhcpleases
    0
  • Rebel Alliance Developer Netgate

    Do you have Register DHCP leases in the DNS Resolver checked under Services > DNS Resolver? It's a separate option from the static mappings checkbox.

    0
  • C

    Register DHCP leases in the DNS Resolver is disabled (on both boxes).

    0
  • Rebel Alliance Developer Netgate

    You need to have that checked. Otherwise it can't determine the hostname/IP address pairing for dynamic allocations.

    1
  • C

    Ok, thank you very much for your help. 👍

    That setting used to be turned on on my other box and the contents of /var/unbound/dhcpleases_entries.conf apparently don't get "flushed" if the setting is disabled. So that box was still able to resolve the hostnames even though the setting had already been turned off.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy