Full Domain Required for LAN Usage Only?
-
I think I know the answer to this, but I want to check and see if I've got it worked out.
Say, for my LAN, I'm using rivendell.me for the domain on my LAN and I specify this under General Setup. I have systems on my LAN named elrond, gandalf, and gimli.
What I'd like to do is to be able to use just the system name within the LAN. For instance:
host gimli
ping elrondAt this point, using pfSense as my DHCP server and as a DNS resolver, I can type "host gimli" and get the IP address for gimli. But if I type "ping gimli," I get a message that the local host name cannot be resolved.
For just what I have on my LAN, I'd like to be able to use just the system names and not have to append the full domain to a system name when I use it.
From what I've read, it's incorrect behavior for a DNS resolver to allow usage of just the system name. Therefore, if I want to be able to just type "ping gimli" and have a good result, that's not possible unless I make changes on my system to tell it to automatically append rivendell.me to host names for any searches.
Is this correct? Or is there some way to specify, within pfSense, to handle this (so I don't have to make changes on each computer on my LAN)?
I also would like to know why "host gimli" works, but "ping gimli" does not.
-
afaik if it's windows the dns suffix is automatically added if it is received from the dhcp server
Scheda LAN wireless Wi-Fi: Suffisso DNS specifico per connessione: kiokoman.home Indirizzo IPv6 locale rispetto al collegamento . : fe80::64ee:8085:95b:32fc%9 Indirizzo IPv4. . . . . . . . . . . . : 192.168.2.8 Subnet mask . . . . . . . . . . . . . : 255.255.255.0 Gateway predefinito . . . . . . . . . : 192.168.2.254so if i ping (or nslookup) something on my network, ping/nslookup add it automatically
C:\Users\Amministratore>ping nanto Esecuzione di Ping nanto.kiokoman.home [172.17.0.100] con 32 byte di dati: Risposta da 172.17.0.100: byte=32 durata=6ms TTL=63 Risposta da 172.17.0.100: byte=32 durata=8ms TTL=63 Risposta da 172.17.0.100: byte=32 durata=7ms TTL=63 Risposta da 172.17.0.100: byte=32 durata=7ms TTL=63C:\Users\Amministratore>nslookup nanto Server: nanto.kiokoman.home Address: 172.17.0.100under my ubuntu machine with a static ip i have inside /etc/network/interfaces
auto enp1s0 iface enp1s0 inet static address 172.17.0.100 netmask 255.255.255.0 gateway 172.17.0.254 nameserver 127.0.0.1 broadcast 172.17.0.255 dns-nameserver 127.0.0.1 search kiokoman.home <------------- dns-search kiokoman.home <-------------so when i ping a machine on my network it is automatically added
kiokoman@nanto:~$ ping Lenovo730 PING Lenovo730.kiokoman.home (192.168.2.8) 56(84) bytes of data.in the end you are right on your assumption and you need this (DHCP server)
or you need to specify it on your network interface
̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
Please do not use chat/PM to ask for help
we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
Don't forget to Upvote with the 👍 button for any post you find to be helpful. -
The DNS server should work with either the host or other command, such as ping. It certainly works that way here.
-
yes, of course, it was a generic answer to it's latest question. idk why host work and ping not for him.
but for host, names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the search or domain directive in /etc/resolv.confkiokoman@nanto:~$ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 127.0.0.1 search kiokoman.homeso it's possible that he have "search" inside resolv.conf but not "dns-search" in the interface configuration
-
So, basically, I do need to tell each separate machine on the LAN to add the domain to a host name when I provide only a host name?
-
yes, as i said it's automatic if you use dhcp server, otherwise you need to set the suffix
there probably is powershell/cmd command to do it but i never had the need for this -
Be careful here not to confuse domain searching with Windows own SMB/Netbios lookups. Windows tends to lookup via Netbios and then search but returning a result that looks like a domain search has happened and the domain was appended to the hostname.
Can cause a lot of headaches.
-
At this point, I'm using Macs and a few Linux systems, so no Windows systems on the LAN at the moment. I am using my pfSense firewall as the DHCP server and DNS Resolver. Sorry, I should have specified what systems I had on the LAN earlier, but I was thinking, "If there's a solution because of something on pfSense, OS shouldn't matter." My bad.
What I find odd is that "ping gimli" doesn't work and "host gimli" does work. I have added rivendell.me as a search domain on my main workstation and things are working okay from there. I was just hoping there was something I could do on pfSense, to either the DHCP server or DNS resolver settings, to make it work for all systems without having to change settings on each system.
-
pfsense will not return an answer to a non qualified query.. A query for dns to resolve needs to be fully qualified, you can hand out the domain clients should use via dhcp... Pretty much all OSes will leverage this..
-
Okay, that's what I thought, but I figured I'd ask to make sure I have a clear understanding of what's going on. I also figured that if I was wrong, I'd like to know what I could do instead.
Thank you, everyone!
-
@TangoOversway said in Full Domain Required for LAN Usage Only?:
So, basically, I do need to tell each separate machine on the LAN to add the domain to a host name when I provide only a host name?
Only if you're using static config. With DHCP it should happen automagically. On the DHCP server page, there's a box for the domain name. It's normally left blank so that the default name is used.
PfSense running on Qotom mini PC
i5 CPU, 4 GB memory, 64 GB SSD & 4 Intel Gb Ethernet ports.
UniFi AC-Lite access pointI haven't lost my mind. It's around here...somewhere...
-
@JKnott said in Full Domain Required for LAN Usage Only?:
@TangoOversway said in Full Domain Required for LAN Usage Only?:
So, basically, I do need to tell each separate machine on the LAN to add the domain to a host name when I provide only a host name?
Only if you're using static config. With DHCP it should happen automagically. On the DHCP server page, there's a box for the domain name. It's normally left blank so that the default name is used.
This is why I ask questions, even if I think it might be a dumb question. I didn't realize that! I don't know how, but I missed the domain field on the DHCP Server page, so I made the change and tested and it's working fine. (This will also make it easier for my wife to do things like play video and music files off of network shares.)
So why is it possible to do this with DHCP, but not with a static config?
-
It is possible to do with a static config... You just need to set up the machines actual domain name and or search suffix..
A machine should always have a fqdn, not just a host name..
Your pfsense machine has a domain name, when you set it up.. defaulted to localdomain most likely.. This is common default..
What is in the domain of pfsense is what would be handed out, when you leave it blank in your dhcp settings.
