Bug in dns-server package?
-
I have disabled DNS Forwarder and enabled both TinyDNS and DNScache. TinyDNS is bound to 127.0.0.1, DNScache is listening on the LAN IP.
Query of internal addresses registered with TinyDNS works. Query of external addresses does not. It turns out that pfSense is setting /var/etc/dnscache0/root/servers/@ and /etc/resolv.conf to the local LAN IP of the pfSense box! i.e. attempting to use itself for recursive lookup. This is obviously incorrect. @ should be set to the DNS servers from system setup, or this should be configurable from the DNS Server configuration.
Changing @ to a real DNS server doesn't fix things, however. DNScache is still unable to resolve hosts. There are errors in the log/main file of the form "drop 109642 permission denied".
This is pfSense 1.2.3 and dns-server 1.0.6.14.
Update: Running "svc -t /var/run/service/dnscache0" fixes the DNScache problem once @ is updated. Restarting dnscache apparently is not enough to have it reread the configuration.
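As an added example (not code from this thread or from the pfSense dns-server package), here is a small POSIX sh script that checks a dnscache root for the self-referencing configuration described above, i.e. root/servers/@ or /etc/resolv.conf naming the box's own LAN IP as the recursive upstream, and rewrites servers/@ with real upstream resolvers. The local IP 192.168.1.1, the upstream resolvers 192.0.2.53 and 192.0.2.54, and the scratch directory used in the demo are placeholders; point the functions at /var/etc/dnscache0/root and /etc/resolv.conf on a real box.

```shell
#!/bin/sh
# Added example, not part of the pfSense dns-server package.
# Checks a djbdns dnscache root for the misconfiguration discussed in the thread:
# servers/@ (the upstream list for "all other zones") containing the box's own IP,
# which makes dnscache try to recurse through itself.

# Returns 0 if servers/@ under the given root lists the given local IP, 1 otherwise.
dnscache_points_at_self() {
    root="$1"
    local_ip="$2"
    grep -qx "$local_ip" "$root/servers/@"
}

# Returns 0 if the given resolv.conf has a "nameserver <local_ip>" line, 1 otherwise.
# awk is used so the dots in the IP are compared literally rather than as regex wildcards.
resolv_points_at_self() {
    awk -v ip="$2" '$1 == "nameserver" && $2 == ip { found = 1 } END { exit !found }' "$1"
}

# Replaces servers/@ with the upstream resolvers given as the remaining arguments,
# one per line, written to a temp file and moved into place so readers never see a
# half-written file. dnscache loads servers/@ when it starts, so it must be restarted
# afterwards (the thread found "svc -t /var/run/service/dnscache0" is what works).
set_dnscache_upstreams() {
    root="$1"
    shift
    : > "$root/servers/@.tmp"
    for ip in "$@"; do
        printf '%s\n' "$ip" >> "$root/servers/@.tmp"
    done
    mv "$root/servers/@.tmp" "$root/servers/@"
}

# Demonstration on a constructed scratch tree (placeholder local IP and upstreams).
demo() {
    scratch=$(mktemp -d)
    mkdir -p "$scratch/servers"
    printf '192.168.1.1\n' > "$scratch/servers/@"          # constructed: @ set to the box itself
    printf 'nameserver 192.168.1.1\n' > "$scratch/resolv.conf"
    if dnscache_points_at_self "$scratch" 192.168.1.1; then
        echo "servers/@ points at this box; rewriting with upstream resolvers"
        set_dnscache_upstreams "$scratch" 192.0.2.53 192.0.2.54
    fi
    if resolv_points_at_self "$scratch/resolv.conf" 192.168.1.1; then
        echo "resolv.conf also points at this box; fix it from the System setup page"
    fi
    cat "$scratch/servers/@"
    rm -rf "$scratch"
}

demo
```

On a pfSense box the check would be `dnscache_points_at_self /var/etc/dnscache0/root <LAN IP>`; remember that any fix applied by hand to /var/etc is regenerated by the package's tinydns.inc, so a durable fix belongs in that file rather than in servers/@ itself.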
-
I'm not sure if anyone is actively maintaining the dns-server package at the moment for that scenario. I know we have made some commits for customers for using it as an authoritative DNS server, but not as a recursive resolver.
If you want to look at the code in the tinydns.inc / tinydns.xml files in /usr/local/pkg/ and supply a patch to fix this behavior, it would be more than welcome.
-
I may take a look at that.
What I'm really trying to achieve is redundant DHCP + DNS + DDNS, but looking at TinyDNS it seems as though the DDNS part is an add-on. I haven't looked into it enough to figure out how the DDNS component works.
I suspect that I will just use two other servers on the network to set this up, but it would be really nice if this were possible with pfSense.