DNS forwarder, A valid domain must be specified.



  • The simple question is what is a valid domain, and how can I specify my own custom one?

    So let's start with topology.
    1# AT&T mobile hotspot ( With its own AP, Nat, DHCP server and DNS forwarder. all in a small package complete with battery backup. ), 10.2.2.1.
    2# A mini router set to client mode and automatically joins the above wireless network, with a manual IP address of 10.2.2.223.
    3# The above drops an ethernet cable to my PFSense's WAN port, with a manual IP address of 10.2.2.222.
    4# PFSense box running DHCP for my local LAN, 10.3.3.1.
    5# Wireless access point and wired devices.

    On to the question…
    the hotspot manufacturer has an IOS APP that allows configuration and monitoring of the hotspot, this works great when the iDevice is attached to the hotspots Wi-Fi.
    the problem comes in when the iDevice connects up to the local wireless AP and is then unable to connect.
    Okay so it's time to fire-up Wireshark OR use the built-in one, oh how I love PFSense! ;) :) ;D :o 8) ::)
    yeah results, the app puts out a DNS request for "hotspot.m2m"
    which obviously fails because it's not a public DNS record, over on the hotspot it gets forwarded to it's local IP address ( because of its local DNS forwarder.).

    So simple fix, I can either do.
    1# Set one of my 4 DNS servers to the hotspots IP, but then I run into slowness and annoying redirects. ( just like when you hit a Café hotspot you have to agree to the terms, but this happens when the signal drops out or DNS corruption. and the next thing you know Google is going to 192.168.1.1 or something like that and giving an error about restarting your browser to clear its cache. [ which doesn't always work, and required a new browser plug-in] ).
    2# Ok i will use the DNS forwarder, easy I've done that before.
    Host = www
    Domain = hotspot.m2m
    IP address = 10.2.2.1 ( I don't like 192.168.x.x addresses as it's hard to type quickly. )
    Description = AirCard App Pass-thru of "hotspot.m2m" to 10.2.2.1

    But then I get… "The following input errors were detected: A valid domain must be specified."

    { so on a side question, their should be a description of what a valid domain is when this error pops up or there should at least be a description attached to the help document for whatever relevant pages would give this error. ?Bug. }

    So I tried shortening the URL from "hotspot.m2m" to "hotspot_.m2m" and that doesn't work either, same error.
    So I tried shortening the URL from "hotspot.m2m" to "hotspot.m2m" and that works, but that is not what the app is looking for and thus puts out an unsupported error because the DNS lookup is still failing.

    Thank You for your help in advance.
    This is also my 1st time posting, Please specify relevant rules or category changes….

    P.S. I got 99% done writing this and I hit preview one last time, and my session timed out and I lost everything. and had to start over, other than thankfully my clipboard cache.


  • Rebel Alliance Global Moderator

    yeah results, the app puts out a DNS request for "hotspot.m2m"

    Ok they way I would look at a query for hotspot.m2m is the host name is hotspot and the domain is m2m

    So this should work - see attached

    C:>nslookup
    Default Server:  pfsense.local.lan
    Address:  192.168.1.253

    hotspot.m2m
    Server:  pfsense.local.lan
    Address:  192.168.1.253

    Name:    hotspot.m2m
    Address:  1.2.3.4




  • The problem is with the domain name part you are trying to enter, rather than the host name. pfSense (and many other systems that implement DNS forwarders, resolvers, servers…) implement the restriction that each name in the "." separated domain name must only contain letters, hyphens "-" and digits (and start with a letter, and not end with a hyphen).
    http://tools.ietf.org/html/rfc1035#section-2.3.1
    and that has been the convention for a long time, although not required by RFC1035.
    RFC2181 clarifies that actually anything can be stuffed into a domain name:
    http://tools.ietf.org/html/rfc2181#section-11
    Anyway, why do you have to make it www.hotspot.m2m ?
    Why not just hotspot.m2m that johnpoz has demonstrated.



  • Thanks to johnpoz & phil.davis.
    Sorry i apparently either did not receive a reply or missed them in my e-mail

    I guess my problem was that I've always thought of the (.***) as the extension and not the domain.
    and wouldn't you know it, as long as you don't put any (_) in the domain fields it's all fine and dandy. :) :D ;D :o ??? ::) :-[ :'(

    so using (hotspot) as the host, and (.m2m) as the domain, it's all of a sudden accepted as a correct and valid response….... & YEAH it Works! (in both the host and domain override boxes).

    oh and no (WWW.) required, the app simply does not require that.

    so now I can grab my iPad and manage my hotspot, which manages my WAN Internet connection. which is very handy for details like current DATA usage!!!, session usage, text messages, battery state, attached devices ( which should only be my PFS Box (Have To Make Sure the Neighbors Don't Get on as Somebody Else Is Slightly Paranoid, And I'm Happy with WPA2 Passwords), And Other Miscellaneous Settings.

    But Best Of All, i can let other people in the house use the app to see how much data we've used so far without using the data. ( of course accessing the hotspot may not always be accurate, but is at least local and a relatively close estimate of usage)