DNS Forwarder and CNAMEs (again)
-
I know there have been multiple threads about this in the past and I understand why this hasn't been done, so I'm not asking for CNAME support in the DNS Forwarder. (I'd use TinyDNS but the recursive server doesn't seem to be working and Unbound doesn't quite do it for me either.)
However, CNAMEs are really convenient for certain setups (like mine) and I'd like to suggest an alternative. FWIW, I currently have multiple servers running on my internal LAN and they each host a number of services. I use subdomains for each service so I can move services about as needed without reconfiguring clients. This means that each machine has a number of aliases. With my old DNS server I simply had a number of CNAMEs; with pfSense I have to have multiple host overrides each setting the same IP. With both IPv4 and IPv6 this adds a lot of management burden.
My suggestion is to add an "Aliases" section to the DNS forwarder UI, essentially the equivalent of specifying a CNAME, but under the hood the system could resolve the aliases at save time and simply write all the raw host entries into /etc/hosts (both IPv4 and IPv6 entries as appropriate). This keeps the current DNS forwarder functionality but simplifies host management.
For example, if I have the overrides:
one.local: 192.168.1.1
one.local: 2001:470:1234::1
two.local: 192.168.1.2
two.local: 2001:470:1234::2
and the aliases:
mail.local: one.local
www.local: one.local
svn.local: two.local
then /etc/hosts would contain:
192.168.1.1 one.local
192.168.1.1 mail.local
192.168.1.1 www.local
2001:470:1234::1 one.local
2001:470:1234::1 mail.local
2001:470:1234::1 www.local
192.168.1.2 two.local
192.168.1.2 svn.local
2001:470:1234::2 two.local
2001:470:1234::2 svn.local
This is obviously a simplified and trivial example, but for complex setups it would make management a whole lot simpler and less error-prone.
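The save-time expansion proposed above, sketched as an added example (it is not part of the original post and not pfSense code; all function names are hypothetical). It goes slightly beyond the post's example by following alias chains, rejecting alias loops and dangling aliases, and validating names and addresses so that a crafted value cannot add extra lines to the generated hosts file.

```python
import ipaddress
import re

# RFC 1123 style hostname: dot-separated labels of letters, digits and hyphens.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOSTNAME = re.compile(rf"{_LABEL}(?:\.{_LABEL})*")

def _check_name(name):
    if len(name) > 253 or not _HOSTNAME.fullmatch(name):
        raise ValueError(f"invalid hostname: {name!r}")
    return name.lower()

def _canonical(alias, aliases, overridden):
    """Follow alias -> target until a host override is reached."""
    seen, name = [], alias
    while name not in overridden:
        if name in seen:
            raise ValueError(f"alias loop: {' -> '.join(seen + [name])}")
        if name not in aliases:
            raise ValueError(f"{alias!r} points at unknown host {name!r}")
        seen.append(name)
        name = aliases[name]
    return name

def expand_aliases(overrides, aliases):
    """overrides: [(hostname, ip)], aliases: {alias: target}. Returns hosts lines."""
    overrides = [(_check_name(h), str(ipaddress.ip_address(ip))) for h, ip in overrides]
    aliases = {_check_name(a): _check_name(t) for a, t in aliases.items()}
    overridden = {h for h, _ in overrides}
    clash = overridden & aliases.keys()
    if clash:
        raise ValueError(f"name is both override and alias: {sorted(clash)}")
    by_host = {}
    for alias in aliases:
        by_host.setdefault(_canonical(alias, aliases, overridden), []).append(alias)
    lines = []
    for host, ip in overrides:
        lines += [f"{ip} {name}" for name in [host] + by_host.get(host, [])]
    return lines

# Constructed input: the overrides and aliases from the post's example.
OVERRIDES = [("one.local", "192.168.1.1"), ("one.local", "2001:470:1234::1"),
             ("two.local", "192.168.1.2"), ("two.local", "2001:470:1234::2")]
ALIASES = {"mail.local": "one.local", "www.local": "one.local", "svn.local": "two.local"}

if __name__ == "__main__":
    print("\n".join(expand_aliases(OVERRIDES, ALIASES)))
```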