How to fix pfsense missing hostnames for devices with static ip configurations

mhweb · Jan 2, 2021, 2:56 PM

pfsense doesn't show hostname entries for the storage server (unRAID) and for pfsense router in the ARP table, so I can't reach them using their friendly names. These 2 devices happened to static ip configurations. How can I make pfsense list their hostnames?

Edit: the setup i have includes a range of .1 to .100 for manual static configurations and then .101 to .200 for dhcp.

johnpoz · Jan 2, 2021, 3:02 PM

Not showing name in pfsense arp table is not the reason you can not resolve the name of the box. If pfsense can not resolve the name - then no it wouldn't be listed in the arp table. But that is not the "reason" you can not use name..

If you want to access something via name, then create dns override for it unraid.yourdomain.tld for example.

Here is my nas for example

[2.4.5-RELEASE][admin@sg4860.local.lan]/root: arp -a | grep nas
nas.local.lan (192.168.9.10) at 00:11:32:7b:29:7d on igb0 expires in 461 seconds [ethernet]

The nas has a static IP set on it.. So to be able to resolve that I just created a host override.

mhweb · Jan 2, 2021, 3:26 PM

@johnpoz I was just playing with the static dhcp settings and creating a static assignment for server i want to resolve, and now the it appears in the arp table. is this another way to do this?
Also, if I use the host override as you mentioned, will I be able to see the entry in the arp table? also, can i use your option to connect to the pfsense router using hostname?
Thanks,

Edit: Why is pfsense isn't doing this automatically? I was doing it in the past, and then no more...
Edit 2: I ended up using your recommendation and it's resolving now. I'm using the default localdomain for the domain name in the network, and that's what I use for the parent domain of host, but it's strange to me that Windows 10 ping command only sees it as server.local not as server.localdomain.
Also, I would like to know if I can use your recommendation for access pfsense by hostname. Thanks,

johnpoz · Jan 2, 2021, 3:42 PM

Sure you can create dhcp reservations and load those into unbound. Be it you actually use them or not.

But when you said static, I took it that were creating the static on the device itself vs creating a dhcp reservation for it.

But yeah that method is fine too..

I would suggest you decide on what specific domain you want to use local. .local and or .localdomain are not very good choices. Do something that is not single label for starters.

I use local.lan for mine. Set that up in pfsense under general. It will then be used for any dhcp reservations. Use that for host overrides. And make sure all your clients use that as their domain.. Windows will then use it in their search suffix.. And you will be able to resolve stuff via just name because the os will auto do the domain search..

example - here is resolving pfsense via just using host

$ ping sg4860

Pinging sg4860.local.lan [192.168.9.253] with 32 bytes of data:
Reply from 192.168.9.253: bytes=32 time<1ms TTL=64

Notice how I just ping the hostname, but it comes back fully qualified sg4860.local.lan

You know a good choice for your local domain to use would be home.arpa
https://tools.ietf.org/html/rfc8375

I keep meaning to switch over to that ;) That might be a good little project for this afternoon - but bowl games are on ;)

And would also mean I would need to change all the certs currently using for switches and anything else using ssl locally.. Another reason have put off the move to the proper local domain to use.

mhweb · Jan 2, 2021, 3:49 PM

@johnpoz Thank you for your help.

nima · Jul 2, 2023, 8:19 AM

@johnpoz if i use host: nas and domain: home.arpa. as the RFC example i became errors from the DNS Revolver and it stops working.

johnpoz · Jul 2, 2023, 12:00 PM

@nima huh?

What did you do? What is not working? my nas uses that exact name - sure doesn't cause unbound to stop working.

$ ping nas.home.arpa                                         
                                                             
Pinging nas.home.arpa [192.168.9.10] with 32 bytes of data:  
Reply from 192.168.9.10: bytes=32 time<1ms TTL=64            
Reply from 192.168.9.10: bytes=32 time<1ms TTL=64

nima · Jul 2, 2023, 12:18 PM

@johnpoz is there a point after the domainname? home.arpa. or home.arpa?

johnpoz · Jul 2, 2023, 12:26 PM

@nima huh?

Do you not understand how fqdn work?

No you would not put a . after home.arpa in the host override - if that is where you put it? Yeah that might confuse unbound? And might not start??

nima · Jul 2, 2023, 12:42 PM

@johnpoz I was also surprised but it is there:

                Special-Use Domain 'home.arpa.'

Abstract

This document specifies the behavior that is expected from the Domain
Name System with regard to DNS queries for names ending with
'.home.arpa.' and designates this domain as a special-use domain
name. 'home.arpa.' is designated for non-unique use in residential
home networks. The Home Networking Control Protocol (HNCP) is
updated to use the 'home.arpa.' domain instead of '.home'.

johnpoz · Jul 2, 2023, 12:44 PM

@nima

Yes the . on the end states its a TLD.. but you wouldn't put in when you create a host override..

nima · Jul 2, 2023, 12:45 PM

@johnpoz Okay. Apart from that why do you use two domains for one host? Is there a particular reason?

johnpoz · Jul 2, 2023, 12:47 PM

@nima because I am in the middle of converting from using local.lan to home.arpa - When I created the new ssl cert I put both on their as SAN..

Was not sure if I had anything using the local.lan as yet... I could prob remove it as this point..