Netgate Discussion Forum

    Procedurally inserting dns entries

    • shreek

      I've got a bunch of cloud-based servers with IP addresses that change regularly. Currently my client machines manually invoke a script which will query the cloud API and add/update a hosts file entry. I'd like to just let pfSense's DNS handle this. Currently I'm using the DNS forwarder since I was getting random segfaults from unbound.

      So my 2 main questions are:

      • What's the best way to go about getting my host mappings into the DNS forwarder?

      • What's the best way to invalidate the DNS cache on the client when I update the mappings on the server?

      • johnpoz LAYER 8 Global Moderator

        Why would you want to do this in pfSense host overrides? Why wouldn't your cloud-based servers just update, say, a dyn DNS entry? Curious what you're running where the IPs of cloud servers (VPS?) would change anyway?

        As to a client's local cache - this would be controlled with a short TTL entry no matter where it's being looked up.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        • wagonza

          @shreek:

          Currently I'm using the DNS forwarder since I was getting random segfaults from unbound.

          You logged this on Redmine as a bug and can reproduce it easily or at least describe what you think is possibly causing Unbound to segfault?

          Nevermind I see you commented on another thread.

          Follow me on twitter http://twitter.com/wagonza
          http://www.thepackethub.co.za

          • shreek

            @johnpoz:

            Why would you want to do this in pfSense host overrides? Why wouldn't your cloud-based servers just update, say, a dyn DNS entry? Curious what you're running where the IPs of cloud servers (VPS?) would change anyway?

            As to a client's local cache - this would be controlled with a short TTL entry no matter where it's being looked up.

            We use a battery of EC2-Classic instances that get turned off and on as needed. Anywhere between zero and dozens of them, with the capacity to create more on demand.  EC2-Classic doesn't persist IP addresses when an instance is shut down, and I'd rather not carve off a block of elastic IPs for them.  Moving over to VPCs would solve this but is a more involved process and I/we simply don't have time to make that transition right now.  As such a quick-and-easy solution would be to take the script that's updating our clients and adapt it to inject the host mappings into our DNS server, in this case pfSense.

            • johnpoz LAYER 8 Global Moderator

              You can load a file into forwarder, this is how you add lots of hosts.  So if you change this file and restart forwarder you should be good.

              In the advanced section

              addn-hosts=/etc/extrahosts

              in that file example
              192.168.1.14 test.local.lan
              192.168.1.15 test2.local.lan
              192.168.1.16 test.other.lan

              Fairly sure the detail TTL for host overrides is only like a minute so you shouldn't have to worry about local cache.

              • shreek

                @johnpoz:

                You can load a file into forwarder, this is how you add lots of hosts.  So if you change this file and restart forwarder you should be good.

                In the advanced section

                addn-hosts=/etc/extrahosts

                in that file example
                192.168.1.14 test.local.lan
                192.168.1.15 test2.local.lan
                192.168.1.16 test.other.lan

                Fairly sure the detail TTL for host overrides is only like a minute so you shouldn't have to worry about local cache.

                Awesome, sounds perfect.
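
An added example, not part of any post in this thread and not pfSense code: one way the script that queries the cloud API could build the addn-hosts file described above, checking every name and address before it reaches the resolver and reporting whether the file changed. The function names and the SAMPLE data are assumptions; copying the result to /etc/extrahosts and restarting the forwarder is left to the caller.

```python
import ipaddress
import os
import re
import tempfile

_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")  # one DNS label

def valid_hostname(name):
    """True only for a plain DNS name: no spaces, newlines or '#'."""
    labels = name.split(".")
    return len(name) <= 253 and all(_LABEL.fullmatch(l) for l in labels)

def render_hosts(mappings):
    """{hostname: ip} -> (hosts-file text, rejected names); bad entries are dropped."""
    lines, rejected = [], []
    for name, addr in sorted(mappings.items()):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            ip = None
        if ip is None or not valid_hostname(name):
            rejected.append(name)
        else:
            lines.append(f"{ip} {name.lower()}\n")
    return "".join(lines), rejected

def write_if_changed(path, text):
    """Atomically replace path; return True if the forwarder needs a restart."""
    data = text.encode("ascii")
    try:
        with open(path, "rb") as fh:
            if fh.read() == data:
                return False
    except FileNotFoundError:
        pass
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    os.chmod(tmp, 0o644)   # mkstemp creates 0600; the resolver must be able to read it
    os.replace(tmp, path)  # readers see the old file or the new one, never half
    return True

# Constructed sample input, standing in for the cloud API's answer.
SAMPLE = {
    "test.local.lan": "192.168.1.14",
    "test2.local.lan": "192.168.1.15",
    "test.other.lan": "not-an-ip",
    "x.lan\n192.168.1.1 pfsense.local.lan": "192.168.1.16",
}
```

Names returned in the rejected list are worth logging: an instance name or tag that fails validation would otherwise add or alter a line in the resolver's hosts file.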
