OPNsense Forum

Archive => 23.7 Legacy Series => Topic started by: securid on November 20, 2023, 04:50:20 PM

Title: [solved] unbound resolve opnsense to random interface ip
Post by: securid on November 20, 2023, 04:50:20 PM
When I set unbound to listen to all internal interfaces, it seems this causes unbound to randomly return an interface address when I query opnsense hostname.

My opnsense GUI is (should be) only accessible on what I call LAN. I have several other networks with VLANs on them for different purposes. None of these should be able to access the webGUI. However, all of these networks should have access to opnsense as a gateway, DNS and NTP.

Unbound is set to listen to all internal networks.
Unbound is listening on 53 as the main resolver (so it registers for DHCP defaults).
Each network has DHCP enabled.

When I am on LAN, and I ping opnsense, I often get an IP returned that does not belong to the LAN network (i.e., one of the other VLAN interface addresses). I cannot open the webGUI because it's not accessible on that IP.

When I change unbound to listen only on the LAN interface, it now seems that hosts in networks other than LAN no longer resolve, as if they do not get registered because Unbound is not set to listen on those interfaces?

I've been trying to catch what happens in the logs of unbound, but the GUI is slow (large logs?) and when searching, the window never shows a result (it just sits there searching infinitely).

Please ask if you're missing information, I hope I can solve this soon with a bit of help!

Thanks!
Title: Re: unbound resolve opnsense to random interface ip
Post by: Patrick M. Hausen on November 20, 2023, 05:21:09 PM
https://forum.opnsense.org/index.php?topic=33634.msg180318#msg180318
Title: Re: unbound resolve opnsense to random interface ip
Post by: securid on November 20, 2023, 05:38:14 PM
Quote from: Patrick M. Hausen on November 20, 2023, 05:21:09 PM
https://forum.opnsense.org/index.php?topic=33634.msg180318#msg180318

Awesome! Thank you!
Title: Re: [solved] unbound resolve opnsense to random interface ip
Post by: securid on November 20, 2023, 06:28:22 PM
I incorrectly assumed that the fact that a DHCP lease is not registered in Unbound was caused by unbound not listening on that interface.

One host is still not registering, so I'll investigate that and if I need help, open a new post for that.

Wanted to clarify in case someone comes here, reads my OP and thinks the solution solved that too.