Unbound wont resolve domains using localhost
-
Hi,
I have a client who has come across a weird problem I haven't seen before and I am not sure how to fix. A couple of domains they use resolve to 127.0.0.1 as the app is running locally on there computers. When I do a lookup for the domain i.e "loop.foo.com" pfsense doesnt resolve it (also tried locally within the webgui). When I try direct to google dns from my phone it works. I added a static entry in pfsense for the domain and it works as it should, so I have a temporary workaround.
The set up is a single VM in ESXI running Unbound and pfblocker with openDNS as the external dns.
Any ideas where the problem could be?
tldr: If the domain resolves to 127.0.0.1 it fails when going through pfsense.
-
@haberdabers said in Unbound wont resolve domains using localhost:
If the domain resolves to 127.0.0.1 it fails when going through pfsense.
Well that would be a rebind, so no unbound will not return that..
You would need to disable rebind protection, or set that domain as private so it would not do rebind protection on it.
https://docs.netgate.com/pfsense/en/latest/services/dns/rebinding.html
-
Thanks Johnpoz. Just found the issue when you posted. I have entered the domain into the advanced options using "private-domain: foo.com" and all is good again.
https://blog.jenningsga.com/pfsense-dns-resolver-and-private-domains/
Thanks once again.
-
dig loop.foo.com A +short 34.206.39.153That's not 127.0.0.1.
Btw : I'm using default resolver settings.
edit : Google agress with me :
dig @8.8.8.8 loop.foo.com A +short 34.206.39.153 -
I take it his foo.com was just a placeholder, I don't think that was his actual domain ;)
-
It was a placeholder
. Amazed someone had registered it. -
@haberdabers said in Unbound wont resolve domains using localhost:
Amazed someone had registered it.
Your fault.
You mentioned it, they bought it quickly so you have to negotiate now ;)