how to resolve local hostname to ip in pfSense

JKnott

@caigeliu

You can go to the Forwarder page in pfSense and at the bottom you'll find Host Overrides. You just create an entry for the IP address and host name. You can do the address mapping on the DHCP server page, but I thought you were using a different DHCP server. Can you set up the mappings on it? It should have something similar to what's in pfSense.

JKnott

@caigeliu

Also, with some DHCP servers, such as pfSense, you can use the DHCP server to provide the host name the DNS server, in which case you don't have to worry about the address changing. However, without knowing more about what you have, I can't offer more advice.

caigeliu

Th jknott. I cannot set in pfSense dhcp page because my dhcp is not in pfSense.

"You can go to the Forwarder page in pfSense and at the bottom you'll find Host Overrides. ". I tried this page too. But it need hostname plus domainname. cannot be set as hostname only.

Don't know how to bypass it without domain name input. Wish more helps.

JKnott

@caigeliu

You just use whatever domain name is used on your network. Do you not know what the domain name is?

caigeliu

"You just use whatever domain name is used on your network."

Then we have write full name like: host1.company.com. For example:
"# ping host1.company.com" works.
"# ping host1" not work
But in LAN, we want to use hostname only, not full name.

JKnott

@caigeliu said in how to resolve local hostname to ip in pfSense:

But in LAN, we want to use hostname only, not full name.

With a DNS server either will work. He wants to use whatever domain name is used on that network.

caigeliu

Usually if we edit /etc/hosts of pfsense like "10.0.10.253 host1 host1.mydomain.com", we can "ping host1" in any machines of our LAN because pfSense is a gateway and DNS forwarder of our LAN. But in my case I can not "ping host1".

Can anyone give me suggestions on how to make records in /etc/hosts of pfSense works for any of our LAN machines?

JKnott

@caigeliu said in how to resolve local hostname to ip in pfSense:

Can anyone give me suggestions on how to make records in /etc/hosts of pfSense works for any of our LAN machines?

I thought you said you had a forwarder on pfSense. If so, and you're using it for your DNS, it should happen automatically.

caigeliu

The problem is that my pfsense dns forwarder doesn't read /etc/hosts of pfsesne. and we cannot "ping host1" from our LAN.

How to make records of /etc/hosts in pfsense being used by the pfsense dns forwarder?

JKnott

@caigeliu

It should. When you set up the DNS records, they get saved in /etc/hosts. Are you using pfSense as your DNS server?

bmeeks

@caigeliu said in how to resolve local hostname to ip in pfSense:

The problem is that my pfsense dns forwarder doesn't read /etc/hosts of pfsesne. and we cannot "ping host1" from our LAN.

How to make records of /etc/hosts in pfsense being used by the pfsense dns forwarder?

You need to create host overrides within the DNS Resolver used by pfSense. That program is unbound, but you configure it under SERVICES > DNS RESOLVER.

You can use unbound in either resolver or forwarder mode, but resolver mode is how it works out-of-the-box and is the recommended way of using it.

If you are using the old DNS Fowarder (actually dnsmasq), then you configure that under SERVICES > DNS FORWARDER. That component is now disabled in the default out-of-the-box configuration.

bmeeks

@JKnott said in how to resolve local hostname to ip in pfSense:

@caigeliu

It should. When you set up the DNS records, they get saved in /etc/hosts. Are you using pfSense as your DNS server?

@JKnott, I believe that unbound now runs in a type of chroot jail under /var/ and has its own local /etc/hosts structure independent of the system path. Configuration information from the GUI config.xml file is used to create the files in the chroot jail.

JKnott

@bmeeks

Either way, if you create the DNS records, they should be available to every device using the DNS server.

I hope you didn't directly edit the hosts file, instead of doing it in the GUI.

bmeeks

@JKnott said in how to resolve local hostname to ip in pfSense:

I hope you didn't directly edit the hosts file, instead of doing it in the GUI.

Sounds like he was directly editing the /etc/hosts file. That will work for DNS lookups on the local firewall (although it is still bad practice), but external clients asking a DNS server on the firewall for addresses won't get those host entries. They will instead get whatever the DNS server has it in its own internal databases.

caigeliu

thank both jknott and bmeeks.
We use dns forwarder in pfsense, not dns resolver. I edit /etc/hosts in pfsense and added record like "10.0.10.251 host1 host1.mydomain.com". And the pfsesne is our LAN DNS server.

We cannot make "# ping host1" works in our LAN.

Maybe I have to switch to DNS resolver?

JKnott

@caigeliu

The solution has already been provided. Don't edit /etc/hosts directly. Create the records on the forwarder page. That way, you can use pfSense as your DNS server. It will return the address for anything that you've added and, failing that, get the info from whatever DNS server it points to.

bmeeks

@caigeliu said in how to resolve local hostname to ip in pfSense:

thank both jknott and bmeeks.
We use dns forwarder in pfsense, not dns resolver. I edit /etc/hosts in pfsense and added record like "10.0.10.251 host1 host1.mydomain.com". And the pfsesne is our LAN DNS server.

We cannot make "# ping host1" works in our LAN.

Maybe I have to switch to DNS resolver?

No, if you are still using the old DNS Forwarder in pfSense, then go to SERVICES > DNS FORWARDER and then scroll down that page until you see the section for Host Overrides. Create new host entries there and you should be good to go (assuming that all of your LAN clients are pointed to the pfSense firewall for their DNS services).

caigeliu

"No, if you are still using the old DNS Forwarder in pfSense, then go to SERVICES > DNS FORWARDER and then scroll down that page until you see the section for Host Overrides. Create new host entries there and you should be good to go (assuming that all of your LAN clients are pointed to the pfSense firewall for their DNS services)."

I have done exactly too. But it only works for "# ping host1.mydomain.com", not work for "#ping host1".

We want "# ping host1" work in our LAN. pfSense is our dns server. we use dns forwarder.

JKnott

@caigeliu said in how to resolve local hostname to ip in pfSense:

But it only works for "# ping host1.mydomain.com", not work for "#ping host1"

That's a function of the client, not the server. In the client, there should be a place where the local domain is specified. With that, when you only specify the host, the domain is automagically appended. This is why I earlier said to use the same domain name as the network already uses. So, if the LAN is part of mydomain.com, then you would use that in configuring the DNS records, as you were trying to do earlier. That is, in the forwarder host overrides, you would create a record for host1 with host1 in the host box and mydomain.com in the domain box.

caigeliu

"That's a function of the client, not the server. ".

I think it should be a function of DNS server. Is there a function in pfsense DNS forwarder that when query of "host1" is received by the dns forwarder, the dns forwarder automatically search host1.mydomain.com and return that IP to user?