OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: Apollo13 on February 19, 2020, 02:19:46 pm

Title: (DHCPv4/dnsmasq) Different domain names on different interfaces
Post by: Apollo13 on February 19, 2020, 02:19:46 pm
Hey guys,

we've got multiple VLANs and the DHCP servers running on them assign different domain names per interface.
Those domain names get assigned correctly, but since dnsmasq and unbound only support one domain name (and in my case that domain name is different from the one assigned to my test system), the reverse DNS lookup (executed as part of "hostname -A") returns the wrong domain name.

Is it somehow possible to work around the "one domain name only" restriction (e.g. by starting a separate dnsmasq instance per interface)?

I explicitly don't want to configure static leases for each system that should be accessible under a different domain name than the default!

Thanks in advance.

EDIT: I also found this post (and to be honest in the beginning I also thought that DHCP is the problem), but there is no solution given: https://forum.opnsense.org/index.php?topic=9692.msg44208#msg44208

EDIT2: In the meantime, I've been looking around the source code and found that regarding DHCP leases, unbound delivers what is in the dhcpleases.conf file.
This file is created by the script "unbound_dhcp.py". It should be possible to set a different domain in this script depending on the IP range to which a lease belongs, right?
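The per-range domain selection suggested in EDIT2, as an added example that is not part of the original post and is not OPNsense's unbound_dhcp.py. It assumes leases arrive as (ip, hostname) pairs and takes the subnet-to-domain map from the subnets and domains named in this thread; client-supplied hostnames are validated before being written into unbound `local-data` lines.

```python
import ipaddress
import re

# Assumed mapping, built from the subnets and domains shown in this thread.
SUBNET_DOMAINS = {
    "10.0.1.0/24": "mgmt.mydomain.com",
    "10.0.2.0/24": "intra.mydomain.com",
    "10.0.4.0/24": "test.mydomain.com",
    "10.0.7.0/24": "han.mydomain.com",
}
DEFAULT_DOMAIN = "opn.mydomain.com"  # fallback: the single system-wide domain

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
# Most specific network first, so overlapping ranges resolve predictably.
_NETS = sorted(
    ((ipaddress.ip_network(n), d) for n, d in SUBNET_DOMAINS.items()),
    key=lambda nd: nd[0].prefixlen, reverse=True)

def domain_for(ip):
    """Return the domain for the subnet containing ip, else the default."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    for net, domain in _NETS:
        if addr in net:
            return domain
    return DEFAULT_DOMAIN

def local_data(leases):
    """Build unbound local-data / local-data-ptr lines for (ip, hostname) pairs.

    Hostnames come from DHCP clients and are untrusted: anything that is not
    a plain DNS label is skipped so it cannot break out of the quoted string.
    """
    lines = []
    for ip, hostname in leases:
        if not _LABEL.fullmatch(hostname):
            continue
        try:
            fqdn = f"{hostname}.{domain_for(ip)}"
        except ValueError:
            continue  # not a valid IPv4 address
        addr = ipaddress.IPv4Address(ip)
        lines.append(f'local-data: "{fqdn}. IN A {addr}"')
        lines.append(f'local-data-ptr: "{addr} {fqdn}"')
    return lines

if __name__ == "__main__":
    # Constructed sample leases, not taken from a real lease file.
    sample = [("10.0.7.101", "testhanvm2"), ("10.0.4.20", "buildbox")]
    print("\n".join(local_data(sample)))
```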
Title: Re: (DHCPv4/dnsmasq) Different domain names on different interfaces
Post by: BusinessTux on October 03, 2020, 02:20:10 pm
Hey Apollo13,

I've searched for the same constellation. The following is not a solution, but perhaps a workaround.

Code:
      WAN / Internet
            :
            : DialUp-/PPPoE-/Cable-/whatever-Provider
            :
      .-----+-----.
      |  Gateway  |  (Vigor 165)
      '-----+-----'
            | 192.168.165.1/24
  WAN (em1) |
            |
      .-----:-------------------------------.
      |  OPN:sense    20.7.3-amd64          |
      |  (Br:dge)                           |
      '-----:----------------:-:-:-:--------'
            |                 \/     
 MGMT (em0) |                 || LAGG0 - VLAN 20 Intra 10.0.2.253 10.0.2.0/24 DHCPv4 off
10.0.1.0/24 |                 ||       - VLAN 30
            |                 ||       - VLAN 40 Test  10.0.4.253 10.0.4.0/24 DHCPv4 off
            |                 ||       - VLAN 70 IoT   10.0.7.253 10.0.7.0/24 DHCPv4 on
            |                 ||
            |                 ||
            |                 ||
            |                 ||
      .-----+-------------.   ||
      |                   +---'|
      | LAN-Switch        +----'
      '-----+-+-+-+-+-----'
            | | | | |
            | | | | '----... (Network devices/Servers)  VLAN 10  mgmt.mydomain.com
            | | | |
            | | | '------... (Clients/Servers)          VLAN 20 intra.mydomain.com
            | | |
            | | '--------... (Servers)                  VLAN 30
            | |
            | '----------... (Clients/Servers)          VLAN 40  test.mydomain.com
            |
            '------------... (IoT Devices)              VLAN 70   han.mydomain.com

I've configured my OPNsense with a subdomain I've never used.

Then I set the domain search list in the DHCPv4 settings to "han.mydomain.com;opn.mydomain.com". With this, the clients find the IP addresses with the opn subdomain. Not nice, but works.

For the correct subdomain you can also set static DHCP reservations (like 10.0.7.201 in the next text). These entries will be looked up correctly.
Code:
root@OPNsense:~ # unbound-control -c /var/unbound/unbound.conf list_local_data | grep -i han
10.0.7.101.     3600    IN      PTR     testhanvm2.opn.mydomain.com.
OPNsense.han.mydomain.com.     3600    IN      A       10.0.7.253
testhanvm.han.mydomain.com.    3600    IN      A       10.0.7.201
testhanvm2.opn.mydomain.com.   3600    IN      A       10.0.7.101
101.7.0.10.in-addr.arpa.        3600    IN      PTR     testhanvm2.mgmt.mydomain.com.
201.7.0.10.in-addr.arpa.        3600    IN      PTR     testhanvm.han.mydomain.com.
253.7.0.10.in-addr.arpa.        3600    IN      PTR     OPNsense.han.mydomain.com.

Perhaps you can use it.

Ulf