Register DHCP leases in the DNS Resolver - Not working

gauthig

After fresh install no local devices would resolve with DNS Resolver. Static devices do, but not dynamic.

Restarted DNS resolver and also rebooted same thing. Option is set like it was before the upgrade to 23.01.b.20221216.0600 .

I tested locally on the firewall with nslookup and ensured I am pointing to the firewall DNS Resolver, can only resolve Static addresses but not Dynamic. Resolving with external domains is fine, i.e. the resolver does connect and return result's from root servers.

Gertjan

@gauthig

cat /etc/hosts

Are they there ?

Static lease host names are there because :

And the dynamic ones, if you have checked :

Be careful, if you use this option, the host name present in the DHCP lease request will be used.
So can wind up having several hosts having the same name "iPad".

Solution : for the device that you want to know by name, use a static DHCP lease setup so 'you' control the host name.

gauthig

No the dynamic ones are not in the hosts file only the static.
All leases are in /var/dhcpd/var/db/dhcpd.leases

I did notice the file /var/unbound/dhcpleases_entries.conf is empty.
The static DHCP entries are in the correct file at /var/unbound/host_entries.conf

Yes the option is set correctly and has been working for 7 years on various flavors of pfSense. I just upgraded to the beta 23.01 and it stopped working. Since I use vmware for my firewall I always clone the before upgrading (or trying beta). So resetting to v22 and it work fine with the same config. did the beta upgrade again and same result, it does not work.

You solution while great for a static environment does not work for me. besides wanting the features as shown to work, I have many containers that get created and destroyed on demand for several workloads. New containers get randomly assigned mac addresses. Naming a device properly is the key to dynamic leases not duplicating. As far as devices like ipads and phones, when you name it on the initial setup it uses that name as the host name and not a generic IPAD, but those devices I really do not care to resolve, its just services that are spun up for specific workloads that other dynamic services need to communicate to.

stephenw10

I reproduced this in the current snapshot. There was a bunch of work went into Unbound last week, it looks like something was missed.

https://redmine.pfsense.org/issues/13782

Steve

jimp

It was a pretty simple correction to get that going again, it wasn't testing properly if the DHCP registration option was enabled.

It will be in snapshots tomorrow, or you can install the System Patches package and then create an entry for 6ba16cde4f7fe8db5c4ae415a737d5da5fcc84d7 to apply the fix.

jsimon41

Thanks for the quick turnaround, @stephenw10 and @jimp! I applied the patch and confirmed this fixed the issue:

dig @192.168.113.1 plug07.redacted..

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> @192.168.113.1 plug07.home..redacted..
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 865
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1432
;; QUESTION SECTION:
;plug07.redacted...       IN      A

;; ANSWER SECTION:
plug07.redacted... 3600   IN      A       192.168.104.177

;; Query time: 0 msec
;; SERVER: 192.168.113.1#53(192.168.113.1) (UDP)
;; WHEN: Tue Dec 20 10:09:53 CST 2022
;; MSG SIZE  rcvd: 68