Name Resolution

  • I'm terribly sorry if this has been asked/answered before, but for all of my searching I can't find the answer.

    4 computers in the LAN, named;
    pfSense - bob
    desktop1 - jon
    desktop2 - tim
    fileserver - max

    I have all computers (except for pfSense) static IP'd with DNS info pointing toward the pfSense box. pfSense box has dhcp connection to DSL modem with ISP's dns ip addresses (wan nic) and static ip on the lan nic. When I type "bob" in a browser i WANT it to go to the pfSense box (and typing "jon" would go to desktop1 and so on and so forth) but this does not happen. It'll either try some name resolution and fail or even sometimes succeed with an external site.

    Thanks in advance.

  • Enter the IP-DNS mappings at services>dns forwarder. Other option is to add static mappings for the macadresses of the clients at services>dhcp and check the resolve dhcp leases option at services>dns forwarder and set your clients to dhcp.

  • I believe i entered the static addresses and corresponding names in services>dns forwarder (i'll double check when i get home from work). As for the other option, it isn't really, as I don't want to use dhcp in my lan. Thanks for the speedy response!


    Yeah, under services>dns forwarder I have Enable DNS Forwarder checked, Register DHCP unchecked and 4 host entries with corresponding domain, ip and description fields filled out. Aside from taking the dhcp route, is there anything else?

  • Are these windows boxes?? If so when you set the static ip under internet protcol (tcp/ip) properties you need to click advanced and goto the dns tab. Fill in the domain name you used for the dns forwarder host names in the dns suffix.

    Now do nslookup nameofhost and it will give the desired effect. Without setting the above you would have to do nslookup nameofhost.domainname

  • Ah, thank you. That would explain why the linux boxes would always time out and the windows box would resolve externally. Made the appropriate changes, did an nslookup and behold, the correct ip was returned.

    Still, I'm unable to get directly to the pfSense server by typing in it's hostname. That would be the result of me enabling https as well as a specified port. Is there any future possibility of the dns forwarder template accepting such a url or will it always be restricted to a 4 octet IP?

  • The DNS-forwarder resolves the pfSense's hostname as well. Check the Domainsuffix at your client/pfSense. Maybe there is a mismatch somewhere.

  • Well, the linux boxes won't resolve it either, and I can't put in https://xxxx.xxxx.xxxx.xxxx:xxxx as an ip address in the dns forwarder template. I haven't tried running pfSense with just a non secure, port 80 address but i'm pretty sure it'd resolve if I did. I also haven't….(i know, shame on me) tried just pinging names...i'll give that a shot tonight when I get home.

  • A DNS won'T resolve wether a system has to be accessed by https or htttp or whatever port. It just resolves a name to an IP. So you need to access your pfSense webgui by typing "https://pfsense" (or the hostname that you did set).

  • Hm, all boxes are ping-able via hostname from both linux and windows but neither are going to pfSense's web interface by typing https://pfSense (or whatever I named it  ;) )…wonder what I'm doing wrong....i'll keep dinking around with it. I'm glad to have the hostnames pingable however...thanks for the help!

Log in to reply