DNS shows wrong (maybe old) entry
-
Hello folks,
I have a strange problem.
My DNS shows a wrong lookup for the internal address and I can't find where to delete it.
The address I want to resolve is as follows: edgerunner.xxx.xxx
My DNS configuration looks like this:
And the DNS on my firewall shows the following entries:
10.1.4.1 (that would be correct)
10.1.2.1 (that would be incorrect)
This of course leads to very long loading times as it first queries the wrong one. Now I wanted to delete the wrong entry. I have done the following:
- Restarted the DNS resolver service
- Entered the following command in the command line: unbound-control -c /var/unbound/unbound.conf reload
However, when I now query the DNS cache of my PFsense with the following command:
unbound-control -c /var/unbound/unbound.conf dump_cache
I do not see this entry anywhere. Can anyone help me?
-
@NetRunner8050 said in DNS shows wrong (maybe old) entry:
unbound-control -c /var/unbound/unbound.conf dump_cache
Don't worry, none of my local host overrides can be found in the DNS cache either.
They are here: cat /etc/hosts
-
@Gertjan said in DNS shows wrong (maybe old) entry:
/etc/hosts
Okay, thanks for the reply!
I deleted it from etc/hosts and restarted the unbound service but it's still there. What else could I do?
Edit: After the reboot of unbound it came back, where does this come from?
-
@NetRunner8050 said in DNS shows wrong (maybe old) entry:
I deleted it from etc/hosts and restarted the unbound service but it's still there. What else could I do?
Edit: After the reboot of unbound it came back, where does this come from?
No need to edit that /etc/hosts file, as it is regenerated with your settings every time unbound (re)starts.
For me, the first 2 lines in that file are the local host:
127.0.0.1 localhost localhost.bhf.tld
::1 localhost localhost.bhf.tld
Then:
192.168.1.1 pfSense.bhf.tld pfSense
2a01:cb19:907:dead:beef:fe29:392c pfSense.bhf.tld pfSense
and all the others are my static DHCP leases (bottom page DHCP server settings), and host overrides (bottom part resolver settings).
Are you using :
?
-
@Gertjan
No, I don't use this option:
-
You have these two IPs:
in your host file ?
Again: if they are there, then that's because they are in your pfSense config somewhere.
Afaik: host overrides and DHCP static leases. The order I saw is:
First, the first 2, or 4, as mentioned above.
DHCP4 static leases, one interface after the other.
DHCP6 static leases, one interface after the other.
At the end: host overrides from the Resolver page.
-
Those addresses are my gateway addresses for the specific network.
Maybe I should mention that the domain is my "internal domain" and also local zone.
Yes, I got those in my Hosts file:
But I don't get this in my Host Override config
Nothing in my DHCP leases (I don't use IPv6)
There are no DHCP static mappings or anything.
But they are in the /var/unbound/host_entries.conf
-
I figured it out.
It was because my firewall was named edgerunner, my domain was the xxx.xxx domain, and my LAN interface had the IP 10.1.2.1, so it mapped edgerunner to the IP.
My solution now was to rename the firewall.
Then I got the potential DNS Rebind attack error and had to add the alternate hostname in System -> Advanced.
Thanks for the help!
-
-
Have you inspected the config.conf file to see if it is listed on that and boots with it?