OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: abraxxa on October 17, 2020, 03:47:38 pm

Title: Unbound DNS returns IP addresses for all local VLAN interfaces
Post by: abraxxa on October 17, 2020, 03:47:38 pm

Same issue as this user had with 20.1 still exists in 20.7: https://forum.opnsense.org/index.php?topic=17190.msg78161

Interestingly the IPv6 address of each interface is returned but only the IPv4 interface of one  ???

Is there a config option to control the automatic DNS entry generation for the firewall itself?

Title: Re: Unbound DNS returns IP addresses for all local VLAN interfaces
Post by: schnipp on October 17, 2020, 05:29:06 pm

I noticed the same problem some time ago. But, maybe it works as designed. I performed similar steps like in the post you mentioned plus one additional step. So, everything works fine.

1. Override the FQDN of the firewall via Unbound to a specific IP (In the global settings [system -> settings -> general]. Additionally, set a different FQDN to avoid possible conflicts).
2. Register the override as an alternate hostname (system -> settings -> administration).

Title: Re: Unbound DNS returns IP addresses for all local VLAN interfaces
Post by: Mks on October 18, 2020, 11:56:49 am

Hi,

you can configure "views" in the "Custom Options", may this solves the issue.

br

Title: Re: Unbound DNS returns IP addresses for all local VLAN interfaces
Post by: abraxxa on October 22, 2020, 11:55:38 pm

Thanks for your replies!

Using a custom fqdn for just the single administration IPv4/6 address is a workaround I already thought of but hoped to avoid.

@schnipp: thanks for the alternate hostname config option pointer!

@Mks: the help text says that the unbound custom options will be removed in a future version so that' s nothing I want to use if possible.

Title: Re: Unbound DNS returns IP addresses for all local VLAN interfaces
Post by: Mks on October 23, 2020, 03:25:55 pm

@Mks: the help text says that the unbound custom options will be removed in a future version so that' s nothing I want to use if possible

Yes, but there will an alternative for that, see https://github.com/opnsense/plugins/issues/1503#issue-493737939

br

Title: Re: Unbound DNS returns IP addresses for all local VLAN interfaces
Post by: Gauss23 on October 23, 2020, 04:24:33 pm

Quote from: Mks on October 23, 2020, 03:25:55 pm

the help text says that the unbound custom options will be removed in a future version

You'll find that note at multiple places. Without custom options many scenarios are not doable. So I think they'll stay until the UI is able to present every config option. In my opinion it's better to stay with the custom field for rarely used options. Or make those custom fields only editable/viewable by a "superadmin".

I use them a lot, unbound is one example, OpenVPN is another.