Hi all,
I have a setup with dnsmasq running on port 53 and no Unbound. I also have a Windows Domain Controller running at 10.1.1.20. In the dnsmasq options, I have defined:
domain.local = 10.1.1.20
domain = 10.1.1.20
Before the upgrade to 26.1, running
nslookup domain.local
resulted in OPNsense returning 10.1.1.20, and my Windows clients could connect using DOMAIN\User.
I upgraded to 26.1 yesterday and now, when I try to run the same command, I get:
:~$ nslookup domain.local
Server: 10.1.1.1
Address: 10.1.1.1#53
Non-authoritative answer:
*** Can't find domain.local: No answer
:~$ nslookup domain
Server: 10.1.1.1
Address: 10.1.1.1#53
** server can't find domain: NXDOMAIN
and my Windows clients can no longer connect, with the error "A certification authority could not be contacted for authentication".
This of course completely breaks my setup. What changed with dnsmasq in the upgrade and how can I fix it?
TIA
SoWhy
Okay, it seems it was the problem noted at https://github.com/opnsense/core/issues/9754
Changing the "Local" flag to off for each host has fixed it. Weirdly, it worked fine before...
Regards
SoWhy