DHCP and DNS



  • Referencing this topic:  https://forum.pfsense.org/index.php?topic=53203.15

    I recently had a problem on a windows system with a new pfsense router where I could not ping a system with just the hostname.

    I tried pinging host and not host.bladomain.

    Am I just not understanding the basics of DNS and networking here?

    Am I supposed to use a special name for a local domain?  I thought I could put any made-up unique TLD in the system domain box and it would be included automatically in the DNS search…

    What do I not understand?


  • LAYER 8 Global Moderator

    Normally windows will auto add your domain suffix and add that to a query yes.

    I use for example local.lan as my domain.

    windows uses this as search suffix.  So what does your windows ipconfig /all look like?

    example my main desktop at home, you see that his dns suffix is local.lan, if I just ping hostname for example pfsense, it returns fqdn of pfsense.local.lan - and you can see from the sniff that is what it did a query for.






  • Okay,

    @johnpoz:

    Normally windows will auto add your domain suffix and add that to a query yes.

    Where does it usually get that information?  From the DHCP server?  Does pfSense by default configure the DHCP server with this info?

    @johnpoz:

    I use for example local.lan as my domain.

    windows uses this as search suffix.  So what does your windows ipconfig /all look like?

    I guess .lan is a reserved tld.  RFC2606

    But the only real issue is that we are looking for a unique TLD here, right?  ( https://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/ )

    It seems like RFC2606's purpose was only to reserve tlds for help with DNS.  But what does it matter if I were to say use some random tld like fsdkjslfdj?

    When pfsense sets up the default DHCP server does it automatically put .lan in the search, does it put the tld I set for the system in there too??
    Because .lan is reserved do client systems search it automatically?
    How does the DNS server play a role in all this?

    This is interesting:  http://www.linuxquestions.org/questions/linux-networking-3/what-tld-to-use-for-local-network-798681/

    http://tools.ietf.org/html/rfc6761

    .test?


  • LAYER 8 Global Moderator

    Where did you get the idea that .lan is reserved - did you even read the rfc you linked to?

    To safely satisfy these needs, four domain names are reserved as
    listed and described below.

        .test
        .example
        .invalid
        .localhost

    ".test" is recommended for use in testing of current or new DNS
    related code.

    ".example" is recommended for use in documentation or as examples.

    ".invalid" is intended for use in online construction of domain
    names that are sure to be invalid and which it is obvious at a
    glance are invalid.

    The ".localhost" TLD has traditionally been statically defined in
    host DNS implementations as having an A record pointing to the
    loop back IP address and is reserved for such use.  Any other use
    would conflict with widely deployed code which assumes this use.

    Those are the 4 that are reserved.. not .lan

    You can use whatever tld you want.. fsdkjslfdj would be a horrific choice in my opinion.  Too hard to type, keep it short and simple.  Same with .local is bad – Apple likes to query for stuff.local etc..  Use your name.lan -- I highly doubt they are going to add .lan to the public tld list any time soon..  You should not be using single label ie just tld.. so you could use something.homenet if you wanted or something.localnet so your fqdn would be host.something.localnet, again single label not a good idea..  pick a name for your domain and then a tld that tells you it's not public.  maybe .notpublic ;)

    pfsense sends out the domain yes in option 15, as to if windows uses that as suffix search.. That is by default what it does yes.. It would normally walk up the tree so in my case it would look for host.local.lan and if that didn't answer it would ask for host.lan -- which is pointless in my network so I uncheck that box on my windows machines.
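
The behaviour described in the reply above, as an added example that is not part of the thread: it pulls the option 15 domain out of a DHCP options field and lists the names an unqualified host would be queried as, using a simplified model of the walk up the tree rather than the exact Windows resolver logic. The sample bytes and all function names are constructed for illustration.

```python
# Added illustration; sample bytes are constructed, not captured from the thread.
RFC2606_RESERVED = {"test", "example", "invalid", "localhost"}  # from the RFC quote

# Constructed DHCP options field: message type ACK, DNS server, option 15, end.
SAMPLE_OPTIONS = (bytes([53, 1, 5, 6, 4, 192, 168, 1, 1, 15, 9])
                  + b"local.lan" + bytes([255]))

def parse_dhcp_options(data: bytes) -> dict:
    """Walk the code/length/value options that follow the DHCP magic cookie."""
    opts, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == 0:            # pad byte, no length field
            i += 1
            continue
        if code == 255:          # end marker
            break
        if i + 1 >= len(data):
            raise ValueError("truncated option header")
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        opts[code] = opts.get(code, b"") + value   # repeated codes concatenate
        i += 2 + length
    return opts

def domain_from_options(opts: dict):
    """Return the option 15 domain name, lower-cased, or None if absent."""
    raw = opts.get(15)
    if raw is None:
        return None
    return raw.rstrip(b"\x00").decode("ascii").rstrip(".").lower()

def candidate_queries(host: str, domain, devolve: bool = True) -> list:
    """FQDNs tried for an unqualified host: full suffix first, then parents."""
    if "." in host or not domain:
        return [host]
    labels = domain.split(".")
    stop = len(labels) if devolve else 1
    return [f"{host}.{'.'.join(labels[i:])}" for i in range(stop)]

def check_domain(domain: str) -> list:
    """Flag the naming choices discussed in the thread."""
    labels, issues = domain.split("."), []
    if len(labels) == 1:
        issues.append("single-label")
    if labels[-1] in RFC2606_RESERVED:
        issues.append("rfc2606-reserved")
    if labels[-1] == "local":    # .local is used by multicast DNS
        issues.append("mdns-conflict")
    return issues
```

With `devolve=False`, the equivalent of unchecking the parent-suffix box, only the full suffix is tried and no query for the shorter `host.lan` form leaves the client.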


