OPNsense Forum
Archive => 22.1 Legacy Series => Topic started by: Mitzsch on April 17, 2022, 10:36:53 am
-
Hello everyone!
I just noticed that in case DHCP registration is turned on and you add an entry to the host override page, it does not work correctly. It only fails for machines that are also registered by the DHCP registration option.
For example:
My main rig "192.168.1.110" is registered by the dhcp registration option as "HomePC". Now when I add "TestHomePC" with the same "192.168.1.110" IP as a Host override it won't resolve it.
nslookup HomePC
Server: OPNsense.home
Address: 192.168.1.1
Name: HomePC.home
Address: 192.168.1.110
whereas
nslookup TestHomePC
Server: OPNsense.home
Address: 192.168.1.1
*** TestHomePC wurde von OPNsense.home nicht gefunden: Non-existent domain.
All entries are correctly propagated to their config files. Two different hostnames with the same IP, both set in the host override page, work fine. It just won't work when one is set by the DHCP registration option and the other one manually. In this case, both entries are in two different config files, which seems to break it.
Is this supposed to be working?
Thanks! (:
(EDIT: I'm running OPNsense 22.1.6-amd64)
-
Hey!
So I ran into a very similar situation where I wanted to add host overrides so that *.computer.example.com gets redirected to computer.example.com, because that's where I have an NGINX reverse proxy to direct traffic based off of subdomains.
I noticed that with DHCP lease registration in Unbound I was no longer able to get any overrides working anymore.
I was poking around the unbound configuration in /var/unbound on the server and noticed that /var/unbound/dhcpleases.conf gets included AFTER /var/unbound/host_entries.conf, and that order seems to be important when it comes to these things in unbound.
Here's the include order:
...
# DNS Rebinding
# Private domains (DNS Rebinding)
include: /var/unbound/private_domains.conf
# Access lists
include: /var/unbound/access_lists.conf
# Static host entries
include: /var/unbound/host_entries.conf
# DHCP leases (if configured)
include: /var/unbound/dhcpleases.conf
# Custom includes
include: /var/unbound/etc/*.conf
...
I also noticed that part of the unbound startup script is to clear out the conf files in /var/unbound and repopulate them, meaning that I can't just add my overrides directly to those conf files.
The last set of conf files to be included, though, are /var/unbound/etc/*.conf. Those conf files originally live within /usr/local/etc/unbound.opnsense.d/ and get copied over on unbound startup.
What I ended up doing was creating a new custom.conf file within that directory and adding my unbound settings in there (btw I am very much a newb at unbound, so this might not be the right way to do this, but it works for me and my use case. Hopefully someone with a better understanding of unbound could chime in and explain exactly what is happening):
local-data: "media.example.com IN A 10.0.0.69" # this is a new record, media is not an existing hostname
local-zone: "computer.example.com" redirect # this is to redirect *.computer.example.com to computer.example.com
local-data: "computer.example.com A 10.0.0.69" # I honestly don't know why this is "needed" but it gets mad and doesn't work right if I don't do this
local-zone: "media.example.com" redirect # this is to redirect *.media.example.com to media.example.com
local-data: "media.example.com A 10.0.0.69" # same as above, doesn't work right if I don't include this
After doing that and restarting unbound in the OPNsense UI, I was successfully able to get nslookup for media.example.com to return the right IP address, as well as subdomain.media.example.com. This worked with computer.example.com and subdomain.computer.example.com as well.
I still have DHCP lease registration enabled and have no issues with this setup.
Hope this helps!
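An added example, not part of the original post and not OPNsense code: Unbound's `redirect` zone type answers the zone name and every name beneath it from the local-data at the zone name itself, and allows no local-data beneath it, so a redirect zone without an apex record has nothing to answer with. The lint below checks an override file for that, and also flags an override address already held by a DHCP-registered name, the combination the first post reports as failing. It assumes the lease file uses the same `local-data:` syntax; the function names and sample data are constructed for illustration.

```python
import re

# Matches: local-zone: "name" type   /   local-data: "name [ttl] [IN] TYPE rdata"
DIRECTIVE = re.compile(r'^\s*(local-zone|local-data):\s*"([^"]+)"\s*(\S+)?')

def parse(text):
    """Return ({zone: type}, [(owner, rrtype, rdata)]) from Unbound include text."""
    zones, records = {}, []
    for raw in text.splitlines():
        m = DIRECTIVE.match(raw.split("#", 1)[0])  # '#' starts a comment
        if not m:
            continue
        key, quoted, arg = m.groups()
        if key == "local-zone":
            zones[quoted.lower().rstrip(".")] = (arg or "").lower()
            continue
        fields = quoted.split()
        owner, rest = fields[0].lower().rstrip("."), fields[1:]
        if rest and rest[0].isdigit():        # optional TTL
            rest = rest[1:]
        if rest and rest[0].upper() == "IN":  # optional class
            rest = rest[1:]
        if len(rest) >= 2:
            records.append((owner, rest[0].upper(), rest[1]))
    return zones, records

def lint(overrides_text, leases_text=""):
    """Return findings for an override file, optionally checked against leases."""
    zones, records = parse(overrides_text)
    _, leases = parse(leases_text)
    owners = {owner for owner, _, _ in records}
    findings = []
    for zone, ztype in zones.items():
        if ztype != "redirect":
            continue
        if zone not in owners:
            findings.append(f"redirect zone {zone} has no local-data at its apex")
        findings += [f"local-data {o} lies beneath redirect zone {zone}"
                     for o in sorted(owners) if o.endswith("." + zone)]
    lease_by_ip = {rdata: o for o, t, rdata in leases if t in ("A", "AAAA")}
    for owner, _, rdata in records:
        other = lease_by_ip.get(rdata)
        if other and other != owner:
            findings.append(f"{owner} shares {rdata} with DHCP-registered {other}")
    return findings

# Constructed sample input (assumed file contents, not from a real system).
SAMPLE_OVERRIDES = '''
local-zone: "computer.example.com" redirect  # wildcard for *.computer.example.com
local-data: "computer.example.com A 10.0.0.69"
local-zone: "media.example.com" redirect     # apex record deliberately missing
local-data: "testhomepc.home IN A 192.168.1.110"
'''
SAMPLE_LEASES = 'local-data: "homepc.home IN A 192.168.1.110"\n'
```

Calling `lint(SAMPLE_OVERRIDES, SAMPLE_LEASES)` returns one finding for the redirect zone without an apex record and one for the address shared with the DHCP-registered name.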
-
Not sure, possibly related to https://github.com/opnsense/core/issues/5599 ?