Netgate Discussion Forum

    Resolving DHCP clients to DNS

    • MicWit

      I thought this was a simple setup, but it doesn't seem to be working. I want to have (internally) hostnames resolve to the DNS. So for example, if I was to have a domain of example.com, and the host name of my pfsense machine is pfsense, I would like it to resolve to pfsense.example.com (so in the browser I could go to https://pfsense.example.com to get the web interface).

      Pfsense is running on a NUC, so I only have one network port (designated to WAN) which has an IP of 10.1.1.1, and the modem has an IP of 10.1.1.100 (I have turned DHCP off on the modem). I have DHCP on on pfsense and am using a primary DNS of 10.1.1.1 and secondary of 8.8.8.8 and a gateway of 10.1.1.100. I can see these settings come up on the clients.

      Under System > General Settings I have set the domain to example.com and under DNS Resolver I have checked the options of "Register DHCP leases in the DNS Resolver" and "Register DHCP static mappings in the DNS Resolver" (some of the clients are on static mappings in the DHCP server).

      Is there anything else I need to do? Not sure why this is not working.

      • kiokoman

        that's because your clients are using external dns instead of the dns resolver
        you have to assign only 10.1.1.1 as dns to the clients and eventually, forward requests to 10.1.1.1 and 8.8.8.8

        ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
        Please do not use chat/PM to ask for help
        we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
        Don't forget to Upvote with the 👍 button for any post you find to be helpful.

        • MicWit

          Swapped it back to just the one DNS server and still doesn't work. I can still see everything online, but not the hostnames (now trying a .home domain as well). I tried a host override and it didn't work either. It's like the resolver is not resolving the DHCP hostnames or override entries. The weird thing is that on the pfsense server when I do a Diagnostics > DNS Lookup it finds both the hosts and the override. For some reason the DNS server is not passing them on to clients!

          • MicWit

            OK, quick update.... Seems there was just a lag when doing some of my testing. When I leave only the one DNS server in the DHCP settings (the IP of pfsense), even with port forwarding on, it fails to resolve anything. I think the clients were just seeing that the first option (pfsense) was not working and resolving straight to google servers. So it seems the resolver in pfsense is not working at all!

            • kiokoman

              idk, never used dns resolver, you need to check its configuration, also you need port 53 udp/tcp open


              • MicWit

                Tried opening port 53 on the firewall (on pfsense), no difference. All the settings in the resolver look good. I have had this running in the past, so I know it works!

                • kiokoman

                  do you have forwarding enabled? if yes, what do you have inside system / general setup?


                  • MicWit

                    I do, in system general I have pfsense as first and Google as second.

                    • MicWit

                      OK, for anyone that has an issue in future, there are 2 main things that need to be done:

                      1. Set a rule for port 53 (DNS) to allow
                      2. Set up an Access List (at the top of the page for the resolver). This would normally be for the network range you are using (or any range you want to access this DNS).

                      I also unticked the forwarding option as I have been told that is to always forward; pfsense will still resolve with the DNS servers in the general settings.

                      1 Reply Last reply Reply Quote 0
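
A way to tell the two causes in the last post apart from a client, as an added example that is not part of the thread: a missing port 53 rule shows up as no reply at all, while a client outside the resolver's access list normally gets a REFUSED answer. It assumes the DNS Resolver (Unbound) is left at its default of refusing, rather than silently dropping, clients that are not listed; the function names are illustrative.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Encode a minimal recursive A query for `name`."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(response, qid=0x1234):
    """Map a raw reply (or None when nothing came back) to the likely cause."""
    if response is None:
        return ("NO REPLY: check the firewall rule for port 53 "
                "(or an access list entry set to drop silently)")
    if len(response) < 12:
        return "MALFORMED: reply shorter than a DNS header"
    rid, flags, _qdcount, ancount = struct.unpack("!HHHH", response[:8])
    if rid != qid or not flags & 0x8000:  # ID must match and QR bit must be set
        return "MALFORMED: not a response to our query"
    code = flags & 0x000F
    rcode = RCODES.get(code, "RCODE %d" % code)
    if rcode == "REFUSED":
        return "REFUSED: resolver is reachable but this client is not in its access list"
    if rcode == "NOERROR" and ancount:
        return "OK: %d answer(s)" % ancount
    return rcode + ": resolver is answering this client, but returned no address"

def probe(server, name, timeout=3.0):
    """Send one UDP query to server:53 and classify the outcome."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            data, _ = s.recvfrom(512)
        except OSError:  # includes socket.timeout
            data = None
    return classify(data)

if __name__ == "__main__":
    # 10.1.1.1 and pfsense.example.com are the values used in the thread.
    print(probe("10.1.1.1", "pfsense.example.com"))
```

Run it from a DHCP client, not from pfsense itself, since Diagnostics > DNS Lookup queries the resolver locally and bypasses both the firewall rule and the access list.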
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.