Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    TinyDNS (dns-server) package creating incorrect NS records

    pfSense Packages
    1
    1
    658
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kdr last edited by

      pfsense: 2.1-RELEASE (i386)
      dns-server: 1.0.6.18

      When enabling the "Automatic PTR entry" for an A record, an explicit NS record is also created. This is problematic in my environment because the NS record that is created uses the hostname of the firewall. The correct NS record (in my env) should actually be the loopback address.

      For example, I have an existing zone, 0.168.192.in-addr.arpa, with an NS of 127.0.0.1.

      I create the A record "test.myprivate.domain=192.168.0.100" and enable "Automatic PTR entry".

      The following tinydns records are created:

      =test.myprivate.domain:192.168.0.100:100
      .100.0.168.192.in-addr.arpa::hostnameofmyfirewall.mypublic.domain

      In my environment, the second line is unnecessary, but if an explicit NS record is created it should read:
      .100.0.168.192.in-addr.arpa::localhost

      I think some logic should be added so that an NS record is only added if one does not already exist for the associated PTR zone. I don't think the assumption should be made that the nameserver is going to be the firewall's hostname.

      Line #572 of tinydns.inc is where this NS record is added. Removing the line prevents the NS record from being created.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy