Cname/alias for external domain



  • there is a PC on my network that has a hard coded domain name in the hostname field used to connect out to a security camera server on the internet.  the hostname is no longer valid (it was a free dns updater service).  the service has expired and the name is no longer valid, but the program defaults to that every time it is launched (due to how it was installed).  i can manually type the new hostname (another free provider) and i can connect, but as i said, it defaults to the old name.

    is there a place in pfsense that will allow me to configure something like this:

    oldhostname.freedns.com –------> newhostname.2ndfreedns.com

    thanks.


  • Rebel Alliance Developer Netgate

    If your device uses pfSense as its DNS server, simply entry a host override under Services > DNS Forwarder.

    You can make any hostname resolve to any IP you want there.



  • I need hostname to hostname not hostname to ip

    Basically a c name record.



  • Make a host override in DNS forwarder > then just fill in a domain alias for that host. Doesn't have to be an IP. It works on my system.



  • @gogol:

    Make a host override in DNS forwarder > then just fill in a domain alias for that host. Doesn't have to be an IP. It works on my system.

    The following input errors were detected:

    The field 'IP address' is required.

    not letting me proceed w/o an IP

    the domain is not the same

    oldhost.domaina.com

    newhost.domainb.com

    i need to set it up so that anytime oldhost.domaina.com is requested, pfsense redirects it to newhost.domainb.com



  • I am on 2.1RC1. Could that be the difference?



  • @gogol:

    I am on 2.1RC1. Could that be the difference?

    i am on:

    2.1-RC1 (i386)
    built on Sun Aug 18 19:11:13 EDT 2013
    FreeBSD 8.3-RELEASE-p9

    You are on the latest version.

    post a screen shot of how i should be setting it up, if you dont mind.

    i dont need an IP address, but i cant save the changes w/o one, i am not sure how you are getting around that.

    thanks.



  • Maybe I discovered a feature. I am using Split DNS to point the domain name to an internal host. I left hostname blank.




  • @gogol:

    Maybe I discovered a feature. I am using Split DNS to point the domain name to an internal host. I left hostname blank.

    unfortunately, that is not what i am trying to do.

    i am trying to redirect a hostname to another hostname.

    not hostname to IP.



  • Ok, that's what I did whit the alias. Can't you use that function? You can use the hard coded hostname and the IP address and then make an alias, can't you?



  • @gogol:

    Ok, that's what I did whit the alias. Can't you use that function? You can use the hard coded hostname and the IP address and then make an alias, can't you?

    i need the IP field blank, unless i am missing something.



  • Maybe I am missing something  :(
    I did read again your first post and I now see I don't understand you. You said that you could connect with the new hostname, but then it defaults to the old hostname. What does that mean, or what do you see? Is it just a cosmetic thing?



  • @gogol:

    Maybe I am missing something  :(
    I did read again your first post and I now see I don't understand you. You said that you could connect with the new hostname, but then it defaults to the old hostname. What does that mean, or what do you see? Is it just a cosmetic thing?

    i have a computer that use to connect to oldhostname.domaina.com

    the program defaults to that hostname since it was the one used when the program was initially setup.

    in the recent days, i have a need to use a new hostname, newhostname.domainb.com

    what i am looking to do is create an alias for the old hostname to point to the new host name so that when the computer is requesting the name oldhostname.domaina.com pfsense picks that up and redirects to newhostname.domainb.com

    i can fix this issue by reinstalling the software and using the correct hostname (this is a flaw of the program), i was just hoping i could do something at the pfsense level.

    thanks for your help, it is appreciated.


  • Banned

    I cannot see how's a program expecting oldhostname.domaina.com going to respond to requests to newhostname.domainb.com.



  • @doktornotor:

    I cannot see how's a program expecting oldhostname.domaina.com going to respond to requests to newhostname.domainb.com.

    the program wont.  when it looks to pfsense to connect out via the internet, pfsense will redirect it.  basically, i'd like to enter a cname into pfsense.


  • Banned

    I have no idea what "program" are we talking about here. If you expect that pfsense DNS record will rewrite e.g. www.google.com to www.bing.com in your browser URL bar, then it's not what's gonna happen.



  • @doktornotor:

    I have no idea what "program" are we talking about here. If you expect that pfsense DNS record will rewrite e.g. www.google.com to www.bing.com in your browser URL bar, then it's not what's gonna happen.

    on the client side (the program) it will use the original domain old.domaina.com

    it is a cname, have you ever worked with cnames?  that is what i am looking to do.


  • Banned

    Your CNAME will not work if the program somehow works with the requested hostname. Once again, see example above… It won't work either if we are talking about some IP camera with a webserver.



  • @doktornotor:

    Your CNAME will not work if the program somehow works with the requested hostname. Once again, see example above…

    it works all the time in the scenarios where i am hosting my own domain and i can create a cname.  it doesn't seem that i can do that in pfsense.


  • Banned

    Well, that's awesome. How about reinstalling the broken thing instead of inventing similar nonsense like hijacking nonexistant hostname with a DNS forwarder?



  • @doktornotor:

    Well, that's awesome. How about reinstalling the broken thing instead of inventing similar nonsense like hijacking nonexistant hostname with a DNS forwarder?

    happens all the time with cnames, i guess it just isnt part of pfsense.


  • Banned

    Fail to see why it should do any such thing in the first place. It's a DNS forwarder.



  • @doktornotor:

    Fail to see why it should do any such thing in the first place. It's a DNS forwarder.

    i wasn't referencing that section, specifically, just if pfsense could do it.


  • Banned

    Sure; install tinydns or bind, or another authoritative DNS server. Neither dnsmasq, nor unbound. Or finally stop wasting the time and invest 5 minutes into reinstalling whatever broken thing you have there, instead of discussing for two days how to work around it.



  • @doktornotor:

    Sure; install tinydns or bind, or another authoritative DNS server. Neither dnsmasq, nor unbound. Or finally stop wasting the time and invest 5 minutes into reinstalling whatever broken thing you have there, instead of discussing for two days how to work around it.

    get the stick out of your ass.

    if you don't want to help, that's fine with me.

    i could have posted the question and gotten a reply 10 minutes later.  there goes your two day comment.

    also, had pfsense had this feature and someone posted about it, it would have answered my question and i could have used it for something else in the future.


  • Banned

    @tomdlgns:

    get the stick out of your ass.

    Thanks for your kind "recommendation". Just found the ignore list feature, sanity restored.  ::)


  • Rebel Alliance Developer Netgate

    It's actually a valid question/use case. Ugly, sure. Not ideal? Certainly. But there are always devices you cannot control. Black boxes from vendors that won't update or would charge exorbitant fees to do so.

    Unfortunately the way that CNAME records work in dnsmasq, the target of the CNAME must also be locally known. So you can CNAME something in /etc/hosts, but not something that would involve making a query to another remote DNS server. It's a limitation of dnsmasq, not DNS in general.

    There is a more in-depth answer here:
    http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2006q1/000583.html

    But ultimately, to do that you'll need a much fancier DNS system.

    If you happen to have a domain with Namecheap, their hosted DNS that you can manage in their control panel does support this function.



  • @jimp:

    It's actually a valid question/use case. Ugly, sure. Not ideal? Certainly. But there are always devices you cannot control. Black boxes from vendors that won't update or would charge exorbitant fees to do so.

    Unfortunately the way that CNAME records work in dnsmasq, the target of the CNAME must also be locally known. So you can CNAME something in /etc/hosts, but not something that would involve making a query to another remote DNS server. It's a limitation of dnsmasq, not DNS in general.

    There is a more in-depth answer here:
    http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2006q1/000583.html

    But ultimately, to do that you'll need a much fancier DNS system.

    If you happen to have a domain with Namecheap, their hosted DNS that you can manage in their control panel does support this function.

    thank you, this is helpful, in that, it is a better response as to why it won't work.

    the current domain/old domain i started the thread about is an expired dyndns hostname.

    the client side program is using olddomain.gotdns.com and that name is no longer valid on their network.  i don't want to get into why it isnt valid anymore, that isn't the point.  however, that is what prompted me to ask the question in this forum.

    yes, reinstalling the software will work, but sometimes finding another way around the problem is fun due to the challenge involved.

    thanks for the reply, jimp.



  • Great, I have learned too  :D



  • Does anyone know if this is possible now? This is useful in cases where you'd want to re-direct a URL to a reverse proxy.


  • Rebel Alliance Developer Netgate

    No, you still cannot make a CNAME to an external hostname using built-in tools.



  • Hello, any news on that?
    I try also to do the same to filter youtube.com content based on this docs:
    https://support.google.com/youtube/answer/6214622?hl=en

    Thanks for your help



  • I'm also trying to figure out how to configure pfsense to use the youtube filters:
    https://support.google.com/youtube/answer/6214622?hl=en

    If anyone has another approach I'd love to hear it.

    Thanks

    • Jon


  • This post is deleted!