Hi everyone,
I am trying to improve hostname visibility in OPNsense/Zenarmor and I am facing an issue with reverse PTR resolution for dynamic DHCP leases.
Current setup:
* OPNsense latest version
* Unbound enabled as main DNS resolver
* Dnsmasq DNS & DHCP enabled only for DHCP handling
* dnsmasq listening on port 53053
* Local domain: lab
* Zenarmor installed
What works:
* Forward lookup works correctly
Example:
```bash
drill lab003.lab @127.0.0.1
```
Returns:
```text
lab003.lab. IN A 192.168.100.204
```
What does NOT work:
* Reverse PTR lookup
Example:
```bash
drill -x 192.168.100.204 @127.0.0.1
```
Returns:
```text
NXDOMAIN
```
I also verified:
```bash
cat /var/db/dnsmasq.leases
```
and the lease hostname is correctly present.
Additional observations:
* dnsmasq logs show:
```text
read /var/etc/dnsmasq-leases - 0 names
```
* Enabling "Prefer DHCP" did not resolve the PTR issue.
* Enabling "Register ISC DHCP4 leases" also did not help.
* Zenarmor mostly displays IP addresses instead of hostnames due to missing reverse PTRs.
Questions:
1. Is this expected behavior with Unbound + dnsmasq DHCP integration?
2. Are dynamic PTR records supposed to be generated automatically in this architecture?
3. Is there a recommended approach to get automatic reverse PTR resolution without creating static mappings for every device?
4. Would using KEA DHCP improve this situation?
5. Is there a known limitation/bug regarding dynamic PTR generation in OPNsense?
Goal:
* Preserve dynamic DHCP
* Avoid static mappings for every device
* Improve hostname visibility in Zenarmor/logging/reporting
Thanks!
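
The forward/reverse comparison described in the post can be run over every lease at once. The script below is an added example, not part of the original post: the function names are hypothetical, the sample leases are constructed, and it assumes the usual dnsmasq lease line layout (expiry, MAC, IP, hostname, client-id).

```shell
#!/bin/sh
# Added example (hypothetical helper names). Sample data is constructed.

# dnsmasq lease line: <expiry> <mac> <ip> <hostname|*> <client-id|*>
sample_leases() {
cat <<'EOF'
1735689600 aa:bb:cc:00:00:01 192.168.100.204 lab003 01:aa:bb:cc:00:00:01
1735689600 aa:bb:cc:00:00:02 192.168.100.205 lab004 *
1735689600 aa:bb:cc:00:00:03 192.168.100.206 * *
EOF
}

# 192.168.100.204 -> 204.100.168.192.in-addr.arpa. (the name `drill -x` asks for)
ptr_name() {
    printf '%s\n' "$1" |
        awk -F. 'NF == 4 { print $4 "." $3 "." $2 "." $1 ".in-addr.arpa." }'
}

# lookup_ptr <ip> <resolver> [port]: print the PTR target, or nothing.
# Lines starting with ";" are drill's question/comment lines, not answers.
lookup_ptr() {
    drill -p "${3:-53}" -x "$1" "@$2" 2>/dev/null </dev/null |
        awk '!/^;/ && $4 == "PTR" { print $5; exit }'
}

# audit_leases <leases-file> <domain> <resolver> [port]
# One line per IPv4 lease: OK, MISSING, MISMATCH, or SKIP (lease has no name).
audit_leases() {
    domain=$2 resolver=$3 port=${4:-53}
    while read -r _expiry _mac ip host _rest; do
        case "$ip" in ''|*:*) continue ;; esac   # duid line or IPv6 lease
        if [ "$host" = "*" ]; then
            echo "SKIP $ip no-hostname-in-lease"
            continue
        fi
        want="$host.$domain."
        got=$(lookup_ptr "$ip" "$resolver" "$port")
        if [ -z "$got" ]; then status=MISSING
        elif [ "$got" = "$want" ]; then status=OK
        else status=MISMATCH
        fi
        echo "$status $ip $(ptr_name "$ip") want=$want got=${got:-none}"
    done < "$1"
}
```

Running `audit_leases /var/db/dnsmasq.leases lab 127.0.0.1` queries Unbound; passing `53053` as a fourth argument queries dnsmasq directly (assuming it is reachable at that address), and comparing the two runs shows which resolver lacks the PTR.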