FQDN in static DHCP mappings

BlazeStar · Jun 18, 2015, 10:58 PM

I'm using 2.2.2-RELEASE (amd64)

On this page :
https://doc.pfsense.org/index.php/DNS_Forwarder

More specifically this:

Optionally, the DNS forwarder can register hostnames from DHCP leases so that local hostnames can be resolved via DNS. The same can be done with static DHCP mappings. This should only be enabled on networks where the client hostnames can be trusted or controlled.

My understanding is that instead of using a DNS forwarder, i can just create a static DHCP mapping so I can use a hostname (FQDN) inside my network to point to a local IP.

So I tried it out:
http://cl.ly/image/1Y022q1z3B24

Where mydomain.com is obviously not my real setting.

But it doesn't work.

Why ?

doktornotor · Jun 18, 2015, 11:05 PM

You need a DNS server (forwarder/resolver) running. Not really sure what you mean by "instead".

jahonix · Jun 19, 2015, 12:19 AM

@BlazeStar:

My understanding is that instead of using a DNS forwarder, i can just create a static DHCP mapping so I can use a hostname (FQDN) inside my network to point to a local IP.

A static DHCP mapping is only half of the equation. As doktornotor wrote, you additionally need a DNS server to actually respond to your queries.
(a static table doesn't answer, no matter how loud you shout at it)

BlazeStar · Jun 19, 2015, 7:46 PM

Ok so screw the DHCP mappings.

The DNS resolver is active.

I tried to set up a host override.

http://cl.ly/image/421d2T2m0A2w

and here are my settings :

http://cl.ly/image/1G242e393z44

doesn't seem to work

is there any other option, somewhere, I should be aware of?

thanks!

KOM · Jun 19, 2015, 7:51 PM

You don't have any hosts in the list. Do you really access your ERP system via YourDomain.com? Or is it really erp.yourdomain.com or fred.yourdomain.com? If you do an nslookup on just the domain, you will get a list of domain controller IPs as a response. How did you test?

FYI these forums can host images directly, so there is no need to drop them on a filehost and then link to them.

BlazeStar · Jun 19, 2015, 8:59 PM

@KOM:

You don't have any hosts in the list. Do you really access your ERP system via YourDomain.com? Or is it really erp.yourdomain.com or fred.yourdomain.com? If you do an nslookup on just the domain, you will get a list of domain controller IPs as a response. How did you test?

FYI these forums can host images directly, so there is no need to drop them on a filehost and then link to them.

I don't understand what you mean…

I do have hosts in my list.

And the host config I posted has :
name of host : erp
domain of host : MyDomain.com (which of course is not the real value)

How would I configure it otherwise?

KOM · Jun 19, 2015, 9:07 PM

I don't understand what you mean…

It's probably because I appear to be massively confused today. I think I will stop and go home.

So, what happens then when you have a client that points to pfSense for DNS and you try to resolve erp.mydomain.com?

doktornotor · Jun 19, 2015, 9:13 PM

@BlazeStar:

The DNS resolver is active.
I tried to set up a host override.
doesn't seem to work

is there any other option, somewhere, I should be aware of?

You realize you must point your clients to pfSense as their DNS server?

Additionally, did you disable the DNS Resolver? You cannot have both running.

BlazeStar · Jun 20, 2015, 1:27 AM

@KOM:

It's probably because I appear to be massively confused today. I think I will stop and go home.

So, what happens then when you have a client that points to pfSense for DNS and you try to resolve erp.mydomain.com?

No probs!!

All help is much appreciated.

Well something is going on there…

From my computer, if I PING or TRACE the ERP host, then it will give me back 10.0.3.50

However, in a web browser (i.e. : Firefox) it didn't work.

So I "reset" it... with the repair option... Firefox that is

And now it works !!!

I guess it was a cache problem or something !

THANKS !!!

@doktornotor:

You realize you must point your clients to pfSense as their DNS server?

Additionally, did you disable the DNS Resolver? You cannot have both running.

I didn't disable de DNS Resolver.

I set host override IN the DNS Resolver.

The DNS forwarder is not active.

Should I disable de DNS Resolver and activate de DNS Forwarder ?

I don't know the impact of that though :S

doktornotor · Jun 20, 2015, 8:11 AM

@BlazeStar:

I didn't disable de DNS Resolver.
I set host override IN the DNS Resolver.
The DNS forwarder is not active.
Should I disable de DNS Resolver and activate de DNS Forwarder ?

No. The point was that you can just run one at a time. (And as I recall, the checks to prevent running both were/are somehow incomplete.)