How to fix pfsense missing hostnames for devices with static ip configurations
-
Sure you can create dhcp reservations and load those into unbound. Be it you actually use them or not.
But when you said static, I took it that you were creating the static on the device itself vs creating a dhcp reservation for it.
But yeah that method is fine too..
I would suggest you decide on what specific domain you want to use locally. .local and/or .localdomain are not very good choices. Do something that is not single label for starters.
I use local.lan for mine. Set that up in pfsense under general. It will then be used for any dhcp reservations. Use that for host overrides. And make sure all your clients use that as their domain.. Windows will then use it in their search suffix.. And you will be able to resolve stuff via just name because the os will auto do the domain search..
example - here is resolving pfsense via just using host
$ ping sg4860
Pinging sg4860.local.lan [192.168.9.253] with 32 bytes of data:
Reply from 192.168.9.253: bytes=32 time<1ms TTL=64
Notice how I just ping the hostname, but it comes back fully qualified sg4860.local.lan
You know a good choice for your local domain to use would be home.arpa
https://tools.ietf.org/html/rfc8375
I keep meaning to switch over to that ;) That might be a good little project for this afternoon - but bowl games are on ;)
And it would also mean I would need to change all the certs I'm currently using for switches and anything else using ssl locally.. Another reason I have put off the move to the proper local domain to use.
-
@johnpoz Thank you for your help.
-
@johnpoz If I use host: nas and domain: home.arpa. as in the RFC example, I get errors from the DNS Resolver and it stops working.
-
@nima huh?
What did you do? What is not working? my nas uses that exact name - sure doesn't cause unbound to stop working.
$ ping nas.home.arpa
Pinging nas.home.arpa [192.168.9.10] with 32 bytes of data:
Reply from 192.168.9.10: bytes=32 time<1ms TTL=64
Reply from 192.168.9.10: bytes=32 time<1ms TTL=64
-
@johnpoz Is there a dot after the domain name? home.arpa. or home.arpa?
-
@nima huh?
Do you not understand how FQDNs work?
No you would not put a . after home.arpa in the host override - if that is where you put it? Yeah that might confuse unbound? And might not start??
-
@johnpoz I was also surprised but it is there:
Special-Use Domain 'home.arpa.'
Abstract
This document specifies the behavior that is expected from the Domain
Name System with regard to DNS queries for names ending with
'.home.arpa.' and designates this domain as a special-use domain
name. 'home.arpa.' is designated for non-unique use in residential
home networks. The Home Networking Control Protocol (HNCP) is
updated to use the 'home.arpa.' domain instead of '.home'.
-
Yes the . on the end states it's a TLD.. but you wouldn't put it in when you create a host override..
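An added example (not part of the thread, and not pfSense code): a hypothetical `check_override` helper that normalizes the host and domain of a host override the way the posts above describe. It drops the trailing root dot from `home.arpa.`, flags single-label and `.local`/`.localdomain` domains, and returns matching unbound `local-data` lines. The function name, the warning strings and the choice to emit `local-data`/`local-data-ptr` are assumptions made for illustration.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading/trailing hyphen; 1-63 chars.
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")
# Suffixes the thread advises against for a local domain.
DISCOURAGED = {"local", "localdomain"}


def check_override(host, domain, ip):
    """Return (fqdn, warnings, unbound_lines) for one host override entry.

    Hypothetical helper: host/domain/ip mirror the fields discussed in the thread.
    """
    warnings = []
    host, domain = host.strip().lower(), domain.strip().lower()
    if domain.endswith("."):
        # 'home.arpa.' in RFC 8375 is the absolute form of the name; the
        # override field takes the same domain without the root dot.
        warnings.append("trailing dot removed from domain")
        domain = domain.rstrip(".")
    labels = [host] + domain.split(".")
    bad = [label for label in labels if not LABEL.match(label)]
    if bad:
        raise ValueError(f"invalid DNS label(s): {bad}")
    if "." not in domain:
        warnings.append("single-label domain")
    if domain.split(".")[-1] in DISCOURAGED:
        warnings.append("discouraged local suffix")
    addr = ipaddress.ip_address(ip)  # raises ValueError on a malformed address
    fqdn = f"{host}.{domain}"
    rtype = "A" if addr.version == 4 else "AAAA"
    # unbound.conf directives for a forward and a reverse record
    # (assumption: illustrative output, not what pfSense itself writes).
    lines = [
        f'local-data: "{fqdn}. {rtype} {addr}"',
        f'local-data-ptr: "{addr} {fqdn}"',
    ]
    return fqdn, warnings, lines


if __name__ == "__main__":
    # Constructed inputs based on the names and addresses shown in the thread.
    for entry in [("nas", "home.arpa.", "192.168.9.10"),
                  ("sg4860", "local.lan", "192.168.9.253")]:
        print(check_override(*entry))
```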
-
@johnpoz Okay. Apart from that why do you use two domains for one host? Is there a particular reason?
-
@nima because I am in the middle of converting from using local.lan to home.arpa - When I created the new ssl cert I put both on there as SAN..
Was not sure if I had anything using the local.lan as yet... I could prob remove it at this point..