Multiple IP DNS Host Alias
-
I was wondering if someone could point out my mistake here. I'm attempting to create an alias for a DNS Host that has multiple IPs associated with it. Then, by using firewall rules, I want to change the gateway for these DNS hosts.
I have an issue, though, in that it is only routing the first IP it finds in the DNS record. How can I make it so that all the IPs associated with that domain are routed?
I use Astaro in another location and it's a simple task of adding a "DNS Group" definition, but I guess this is probably called something different in pfSense. I have tried both Hosts and Networks Aliases.
Thanks
-
Aliases that use FQDNs cannot be used with ones that return multiple IPs or change on each query; it only uses the first IP.
-
Actually, I'm not sure if it's new for 2.1 or not but we do use all IPs returned in a query for aliases.
A rotating answer (one that changes each query) can't be used effectively, but if a query always returns the same set of IPs, that should work.
If I add an alias for "www.google.com" and add it to a rule, the resulting table contains many IPs.
I'd have to track down a 2.0.1 box to see if the behavior is the same, but I thought it was there. Perhaps it's the method used by your DNS server to return the IPs that isn't working.
$ host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 173.194.37.49
www.l.google.com has address 173.194.37.51
www.l.google.com has address 173.194.37.48
www.l.google.com has address 173.194.37.50
www.l.google.com has address 173.194.37.52

: pfctl -T show -t google
   173.194.37.48
   173.194.37.49
   173.194.37.50
   173.194.37.51
   173.194.37.52
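An added example, not part of the thread: a small check that compares what the resolver returns with what is in the pf table behind an FQDN alias, so a rule that silently covers only part of a host's addresses can be spotted. It parses the `host` and `pfctl -T show` output quoted above; the function names are hypothetical and the second "rotated" answer is constructed (192.0.2.10 is a documentation address).

```python
import ipaddress
import re

# Output copied from the thread above (host lookup and pf table dump).
HOST_OUTPUT = """\
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 173.194.37.49
www.l.google.com has address 173.194.37.51
www.l.google.com has address 173.194.37.48
www.l.google.com has address 173.194.37.50
www.l.google.com has address 173.194.37.52
"""
PFCTL_OUTPUT = "173.194.37.48 173.194.37.49 173.194.37.50 173.194.37.51 173.194.37.52"

# Constructed second answer, simulating a resolver that rotates its records.
ROTATED_HOST_OUTPUT = """\
www.l.google.com has address 173.194.37.49
www.l.google.com has address 192.0.2.10
"""


def parse_host(text):
    """Return the set of addresses in `host` output (A and AAAA lines)."""
    found = re.findall(r"has (?:IPv6 )?address (\S+)", text)
    return {ipaddress.ip_address(a) for a in found}


def parse_table(text):
    """Return the entries printed by `pfctl -T show -t <table>` as networks."""
    return {ipaddress.ip_network(tok, strict=False) for tok in text.split()}


def audit(host_outputs, table_text):
    """Compare several DNS answers with the pf table behind an FQDN alias."""
    answers = [parse_host(o) for o in host_outputs]
    table = parse_table(table_text)
    seen = set().union(*answers)
    return {
        # True when repeated queries do not return the same set of addresses.
        "rotating": any(a != answers[0] for a in answers),
        # Addresses DNS handed out that no table entry covers (rule misses them).
        "missing": sorted(str(ip) for ip in seen if not any(ip in n for n in table)),
        # Table entries that no DNS answer backs any more.
        "stale": sorted(str(n) for n in table if not any(ip in n for ip in seen)),
    }


if __name__ == "__main__":
    print(audit([HOST_OUTPUT, HOST_OUTPUT], PFCTL_OUTPUT))
    print(audit([HOST_OUTPUT, ROTATED_HOST_OUTPUT], PFCTL_OUTPUT))
```

On a live firewall, feed it the captured output of several `host` runs and of `pfctl -T show -t <alias>`; a non-empty `missing` list means traffic to those addresses will not match the rule.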