Hello.
Brand new to OPNsense and Unbound, coming from an aging Tomato and DNSmasq setup. One thing has me baffled though.
When setting up an override record with several aliases (such as for my Nginx proxy server), all of the alias records are included as reverse (PTR) entries for the IP and lookups return all of them (in seemingly random order).
This seems wrong to me, or am I just missing something? I've always thought there should only (at most) be a single PTR returned for an IP -- which I would have assumed would be the main entry.
Thanks!
I observed the same thing, and frankly, it seems to me that this is not correct behavior. When configuring a DNS name override, the PTR record should point only to the main record; aliases to this record should not be registered in DNS. The problem is especially evident in Zenarmor, where you see random names for such addresses.
Best regards,
Maciej
Frankly, DNS in OPNsense is a mess. It's lacking a lot of control/configurability. For instance, it will create a DNS record for every interface, regardless of you wanting it/it making sense or not. That's why I had to use a random hostname for my box, so that I could create an override record with the actual hostname I wanted to use.
The same is true for the host overrides. If I enter an A record, I want to have an A record in my DNS. Not another PTR. >:(
I have filed a GitHub issue about the "DNS for every interface" issue, which mostly got ignored.
I'm now looking into alternatives. One could be to install BIND, although I think that's a little overkill. Or I could NOT run my DNS on OPNsense, which sounds even dumber to me. :-\
I know this thread is a little old, but does PTR resolution come back to the Unbound configuration?
https://forum.opnsense.org/index.php?topic=30167.msg145954#msg145954
I think the fix went too far.