How to make wildcard like A records I found the documentation but with unbound it didn’t work!
-
How to make wildcard like A records I found the documentation but with unbound it didn’t work!
I can’t reach that domain I setup there in the custom field!
https://docs.netgate.com/pfsense/en/latest/services/dns/wildcards.html -
@d-k said in How to make wildcard like A records I found the documentation but with unbound it didn’t work!:
I can’t reach that domain I setup there in the custom field!
Unbound cannot make the domain reachable, it just resolves it.
So check if you can resolve the domain using Unbound. -
@d-k Lets see what your doing - this is pretty straight forward.
$ dig @192.168.9.253 example.com +short 192.168.1.54 $ dig @192.168.9.253 whatever.example.com +short 192.168.1.54 $ dig @192.168.9.253 somethingelse.whatever.example.com +short 192.168.1.54Are your clients even pointing to IP of pfsense for dns, or are they using doh or something..
-
@viragomann With dns lookup I could find but in the browser ti didn't showed anything!
-
@johnpoz First I had trouble with internet connection on lan side but then I figrued out that the eutp hadn't setup pfsense as dns server so I added it to system/general setup and I got internet so I think all clients are connected to the unbound dns server on pfsense!
-
@d-k I can also can not resolve home.arpa where pfsense should be reachable I guess!
-
@d-k said in How to make wildcard like A records I found the documentation but with unbound it didn’t work!:
but in the browser ti didn't showed anything!
That would point to your browser using doh, ie not pfsense/unbound as its dns.. This is a common problem, browser makers seem to think its ok with using doh without any actual ok or agreement from the user. Or sometimes users click to use it without actually understanding what it is doing.
For anything in your local resources for dns - yeah your OS or application (browser) has to be asking your local NS to resolve these - googledns sure and the hell is not going to know about your home.arpa or wildcard settings.
Look in your browser and disable doh..
-
@johnpoz It seems like safari is not using Doh! I research and on reddit they say to use that website 1.1.1.1 and that outputs if the browser uses doh!:
I don't know about chrome but there I have no success either!:
-
@d-k why would you think you could resolve just home.arpa to something, home.arpa isn't a fqdn something.home.arpa would be a fqdn.. Did you setup a record in unbound on pfsense to resolve home.arpa to something.. Is pfsense even using home.arpa..
Your output you posted is using webserver.lan as a search suffix. That means when you look for something it could be looking for something like home.arpa.webserver.lan
And that debug information is telling you your not using doh or dot to 1.1.1.1, not that if safari is pointing elsewhere for doh btw
What is pfsense setting in general?
$ dig sg4860.home.arpa +short 192.168.9.253But see home.arpa doesn't resolve to anything...
But I can make it resolve to something if I want
-
@johnpoz Thanks that's pretty much I wanted to do to have it easier to access my stuff in the local network instead always enter ip addresses in the browser!
-
@johnpoz One question when does the host overrides stop working if they are deleted I deleted one I created and clicked apply but still resolve able!
-
@d-k could be just cached locally on your machine - it would depend on how your doing the query.. If you do a directed query to pfsense/unbound with specific tool like dig or your other fav dns tool and it still resolves then maybe unbound didn't restart after you removed it?
put if your just doing say a ping or accessing with a brower, which has its own dns cache you could just be getting what is cached locally.
Not sure how to do it on macos or safari - but for example in windows and firefox
ipconfig /displaydns
will show you what is locally cached, and for how much longer - see the time to live line
if you go to about:networking#dns
In firefox you can see what the browsers specific cache has in it
-
@johnpoz Thanks on Safari I was able to figure out!!:
I had to delete this and then it clears all domains entries in the local storage with .home.arpa!
