3. TinyDNS (dns-server) package creating incorrect NS records

TinyDNS (dns-server) package creating incorrect NS records

  • K

    pfsense: 2.1-RELEASE (i386)
    dns-server: 1.0.6.18

    When enabling the "Automatic PTR entry" for an A record, an explicit NS record is also created. This is problematic in my environment because the NS record that is created uses the hostname of the firewall. The correct NS record (in my env) should actually be the loopback address.

    For example, I have an existing zone, 0.168.192.in-addr.arpa, with an NS of 127.0.0.1.

    I create the A record "test.myprivate.domain=192.168.0.100" and enable "Automatic PTR entry".

    The following tinydns records are created:

    =test.myprivate.domain:192.168.0.100:100
    .100.0.168.192.in-addr.arpa::hostnameofmyfirewall.mypublic.domain

    In my environment, the second line is unnecessary, but if an explicit NS record is created it should read:
    .100.0.168.192.in-addr.arpa::localhost

    I think some logic should be added so that an NS record is only added if one does not already exist for the associated PTR zone. I don't think the assumption should be made that the nameserver is going to be the firewall's hostname.

    Line #572 of tinydns.inc is where this NS record is added. Removing the line prevents the NS record from being created.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy