Confused about hostnames/domains



  • Hi there,
    I have an up-to-date pfSense with three interfaces: WAN, WIFI & INTRANET. In general setup I have a domain name home.local. DHCP is serving on WIFI and INTRANET.
    This works fine! I don't have any problems to solve, I am just asking because this came to my mind. I know, this is not a pure pfSense topic, but at the end (my tests) relate to pfSense configuration.

    Now, I have some laptops, that have two NICs: ethernet and wifi. From time to time both NICs are active:

    • one NIC is connected on a switch at INTRANET and
    • the other NIC is connected wireless on WIFI.
      And I have a static DHCP mapping for each (maybe 192.168.168.10 on INTRANET and 172.16.17.18 on WIFI) and both mappings use the same hostname (since it's the same host).

    How can I differentiate between the two interfaces from another machine?

    Now imagine I am sitting at another laptop. If I am pinging or trying to ssh to laptop1 (using its hostname) from the INTRANET (from which the firewall allows to connect to WIFI).
    How is determined if the communication is made using INTRANET or WIFI?
    In case it applies (only INTRANET or only WIFI connected on another laptop): Is the same subnet automatically preferred?
    Does it depend on the default gateway on another laptop?

    If this is going to happen (orange)?

    $ ping laptop1
    PING laptop1.home.local (192.168.168.10): 56 data bytes
    
    $ nslookup laptop1
    Name:	laptop1.home.local
    Address: 192.168.168.10
    
    

    or if this is going to happen (pink/blue)?

    $ ping laptop1
    PING laptop1.home.local (172.16.17.18): 56 data bytes
    
    $ nslookup laptop1
    Name:	laptop1.home.local
    Address: 172.16.17.18
    
    

    Can I somehow "tell" which NIC I want without using the IP? I don't think so.

    I thought, maybe I could use different domain names; home.local on the INTRANET and wifi.local on WIFI?

    So I could do

    $ ping laptop1.home.local
    PING laptop1.home.local (192.168.168.10): 56 data bytes
    
    $ nslookup laptop1.home.local
    Name:	laptop1.home.local
    Address: 192.168.168.10
    

    or I could do

    $ ping laptop1.wifi.local
    PING laptop1.wifi.local (172.16.17.18): 56 data bytes
    
    $ nslookup laptop1.wifi.local
    Name:	laptop1.wifi.local
    Address: 172.16.17.18
    

    All I found was the "domain name" and "domain name search list" (not exactly sure what that is) in the DHCP-server settings. But a short test didn't change a thing. I set a different domain name on the WIFI-DHCP server and reconnected my iPhone (because it does not have ethernet, so hopefully no error on this). I could reach it using the "old" FQDN but not the "new" FQDN. nslookup on this IP returned the "old" FQDN. I saw, that the lease has been renewed, because the iPhone showed the domain search list, which I added later. But still can't use the "new" domain.

    Are you still there? Nice :-)

    So… Am I too stupid? Did I miss something? Or did I misunderstand the concept? Or... whatever... ?

    Thanks a lot,
    Sascha


  • Rebel Alliance Developer Netgate

    Those are just some of the many issues you'll have with multi-homing devices. It is best to avoid having devices active in multiple subnets where possible, aside from the router itself, for just these reasons. Things become ambiguous for DNS, and for services and replies. Imagine if a PC in Intranet contacted a PC using its IP in the Wifi subnet that also has a NIC in Intranet. The "server" in that case would likely reply from its IP address in the Intranet network since it is closer/directly connected to the client, giving asymmetric routing at best and a broken connection at worst.

    Eliminate the multi-homing and all of those problems disappear, the only downside is that all of the cross-subnet traffic flows through the router, which may or may not be a bad thing.
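
The asymmetric path described in the reply above, modelled as an added example (not code from either poster). It uses the two addresses from the thread; the /24 prefix lengths, the client address 192.168.168.50 and the gateway 192.168.168.1 are assumptions.

```python
import ipaddress

# Constructed topology. The two laptop1 addresses come from the thread;
# prefix lengths, the client address and the gateway are assumptions.
HOSTS = {
    # Single-homed client on INTRANET, default route via the router.
    "client": {"nics": {"INTRANET": "192.168.168.50/24"},
               "gateway": "192.168.168.1"},
    # Multi-homed laptop1 with one static mapping per subnet.
    "laptop1": {"nics": {"INTRANET": "192.168.168.10/24",
                         "WIFI": "172.16.17.18/24"},
                "gateway": "192.168.168.1"},
}


def next_hop(host, dst):
    """Return (egress NIC, 'direct' or 'router') for traffic from host to dst."""
    dst = ipaddress.ip_address(dst)
    cfg = HOSTS[host]
    # A connected route always beats the default route.
    for nic, cidr in cfg["nics"].items():
        if dst in ipaddress.ip_interface(cidr).network:
            return nic, "direct"
    # Otherwise leave through the NIC that can reach the default gateway.
    gw = ipaddress.ip_address(cfg["gateway"])
    for nic, cidr in cfg["nics"].items():
        if gw in ipaddress.ip_interface(cidr).network:
            return nic, "router"
    raise ValueError(f"{host} has no route to {dst}")


def flow(client, server, server_ip):
    """Compare the request path to server_ip with the reply path to the client."""
    req = next_hop(client, server_ip)
    client_ip = str(ipaddress.ip_interface(HOSTS[client]["nics"][req[0]]).ip)
    rep = next_hop(server, client_ip)
    # Asymmetric when only one direction crosses the router.
    return {"request": req, "reply": rep, "asymmetric": req[1] != rep[1]}


if __name__ == "__main__":
    for ip in ("192.168.168.10", "172.16.17.18"):
        print(ip, flow("client", "laptop1", ip))
```

When the client targets the WIFI address, the request crosses the router but the reply leaves laptop1 directly on INTRANET, so the router only ever sees one direction of the connection.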



  • Not what I was hoping for  :)
    But seems reasonable to me, thank you very much!

