Problem with aliases and FQDN



  • Hi all,

    I have a problem with aliases and FQDNs.
    I use aliases which contain FQDN entries.

    They get resolved to IPs and I can see them in the corresponding tables.
    As far as I understand how it works in pfSense, each time an FQDN changes (in my case often), the updated IP will be put in the corresponding tables.
    This works fine.

    The problem is that the old IPs from FQDNs never get deleted from the tables. Filterdns is only able to add IPs to a table; it is not aware of the old IP address, so it is not able to remove it from the table. This way the table gets bigger and bigger and old IPs never get deleted (see bug/feature: https://redmine.pfsense.org/issues/3199).

    My idea to resolve the issue: rebuild all tables from scratch by a cron entry, maybe each day/hour, which would delete old FQDN-based IP addresses.
    But I did not find a command to force pfSense to rebuild all tables from scratch.
    Is there a way to do this?



  • That's actually been implemented since then, should do just that out of the box on 2.2.



  • Confirmed good on 2.2-RELEASE. I checked a system that has been up for 11 days. It has an alias with a list of the FQDNs of dynamic DNS names of remote office public IPs that are kept up-to-date by each remote pfSense. Many of them have dynamic public IPs that change every day. The pf table currently has the right number of good entries.
    Previously with pfSense 2.1.5 it would accumulate about 100 IP addresses over a week or so as the FQDNs resolved to different IPs from day to day.
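
To check whether a table still holds addresses that none of an alias's FQDNs resolve to any more (the accumulation described in this thread), the table contents can be compared with current DNS answers. The following is an added example, not part of the thread and not pfSense code; it assumes the table dump was saved from `pfctl -t <table> -T show`, and the host names and addresses are constructed sample data.

```python
import ipaddress
import socket

def parse_table_dump(text):
    """Parse saved `pfctl -t <table> -T show` output into a set of networks."""
    return {ipaddress.ip_network(line.strip(), strict=False)
            for line in text.splitlines() if line.strip()}

def resolve(fqdn):
    """Live A/AAAA lookup; returns an empty set when the name does not resolve."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(fqdn, None)}
    except socket.gaierror:
        return set()

def audit(table_dump, fqdns, static=(), resolver=resolve):
    """Return (stale, missing): table entries no name resolves to, and the reverse."""
    expected = {ipaddress.ip_network(s, strict=False) for s in static}
    for name in fqdns:
        for addr in resolver(name):
            # Drop any IPv6 zone id (for example "%em0") before parsing.
            expected.add(ipaddress.ip_network(addr.split("%")[0]))
    current = parse_table_dump(table_dump)
    order = lambda n: (n.version, n)  # never compare IPv4 with IPv6 objects
    return sorted(current - expected, key=order), sorted(expected - current, key=order)

# Constructed sample data (documentation address ranges), not from the thread.
SAMPLE_DUMP = """\
   198.51.100.7
   198.51.100.23
   203.0.113.40
   2001:db8::10
"""
SAMPLE_DNS = {
    "office1.example.net": {"198.51.100.23"},
    "office2.example.net": {"203.0.113.40", "2001:DB8:0:0:0:0:0:10"},
}

if __name__ == "__main__":
    stale, missing = audit(SAMPLE_DUMP, SAMPLE_DNS,
                           resolver=lambda n: SAMPLE_DNS.get(n, set()))
    print("stale:  ", [str(n) for n in stale])    # old address left in the table
    print("missing:", [str(n) for n in missing])  # resolved but not yet in the table
```

A failed DNS lookup makes every entry for that name look stale, so the result is best treated as a report to review rather than a list to delete automatically.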

