OPNsense Forum

English Forums => General Discussion => Topic started by: nathamus on August 30, 2017, 01:47:09 pm

Title: How to create a LAN side wildcard DNS entry / override with Unbound DNS
Post by: nathamus on August 30, 2017, 01:47:09 pm
Hello!

I need some advice on how to configure a wildcard DNS entry in the Unbound DNS.
Setup:
- OpnSense 17.7
- WAN with fixed public IP
- registered domain, let's call it mydomain.com
- Internal LAN, e.g. 10.0.0.0/24

On the LAN side I have several machines that use OpnSense as their only DNS server.
Using the Unbound DNS "Overrides" I set the DNS names for the local LAN, let's call it
"mydomain.local", thus I have entries like:
db.mydomain.local -> 10.0.0.100
dc.mydomain.local -> 10.0.0.101
cdsw.mydomain.local -> 10.0.0.200
cdsw1.mydomain.local -> 10.0.0.201 etc.

Now what I need is a wildcard DNS entry that points towards one of the machines:
*.cdsw.mydomain.local -> 10.0.0.200
This is required for the service running on that machine.

I tried to create that entry in the GUI, but it did not work.
Under Services / Unbound DNS / Overrides -> create new entry:
Host: *
Domain: cdsw.mydomain.local
=> Error: The hostname can only contain the characters A-Z, 0-9 and '-'.
... and of course I get the same when I try "*.cdsw" as host and "mydomain.local" as Domain.


Can this be done using the console?
What (file) do I need to edit and what does the syntax look like?

Is this type of change safe when it comes to updates of OpnSense or may the manual changes get overridden?
Will it be included in a config backup?
Title: Re: How to create a LAN side wildcard DNS entry / override with Unbound DNS
Post by: nathamus on August 30, 2017, 03:46:48 pm
Update: I switched to "Dnsmasq DNS" and it appears to satisfy my requirements.

Thanks to the pfSense doc entry here:
https://doc.pfsense.org/index.php/Wildcard_Records_in_DNS_Forwarder/Resolver

I created an entry in the Server / Dnsmasq DNS -> Advanced field:
address=/cdsw.mydomain.local/10.0.0.200

In addition I re-created all my Host Overrides entries from the Unbound DNS Overrides section to the Dnsmasq DNS Host Overrides.
Title: Re: How to create a LAN side wildcard DNS entry / override with Unbound DNS
Post by: Ciprian on August 30, 2017, 04:33:23 pm
I didn't test it, but you should have had the same success in Unbound DNS if you had used the "Advanced" field under the "General" section of Unbound DNS to put the wildcard expression(s), so it is not mandatory to recreate all overrides in Dnsmasq DNS. See attached images :)
Title: Re: How to create a LAN side wildcard DNS entry / override with Unbound DNS
Post by: Charly_gambler on August 09, 2020, 10:24:22 am
Hello hutiucip

If I do this in my setup, the Unbound DNS service stops immediately. Is there a solution to this problem?

Greeting
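
Added example, not part of any post in this thread: a small Python model of how the `address=/cdsw.mydomain.local/10.0.0.200` entry from the second post is matched on whole DNS labels, so `cdsw1.mydomain.local` keeps its own override. The Unbound `local-zone ... redirect` lines it renders are the commonly documented equivalent for the "Advanced" field and are not taken from the thread; all function names are hypothetical, and the lookup order (host override first) is an assumption of the model.

```python
import ipaddress

def labels(name):
    """Split a DNS name into lower-case labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")

def covers(domain, qname):
    """True if qname is the domain itself or any name below it.
    Matching is on whole labels, not on a raw string suffix."""
    d, q = labels(domain), labels(qname)
    return len(q) >= len(d) and q[-len(d):] == d

def resolve(qname, hosts, wildcards):
    """Model lookup: exact host override first (assumed order), then the
    most specific wildcard domain that covers the name, else None."""
    key = ".".join(labels(qname))
    if key in hosts:
        return hosts[key]
    matches = [d for d in wildcards if covers(d, qname)]
    if not matches:
        return None  # a real resolver would forward or recurse here
    return wildcards[max(matches, key=lambda d: len(labels(d)))]

def dnsmasq_line(domain, ip):
    """Render the Dnsmasq 'Advanced' entry used in the thread."""
    ipaddress.ip_address(ip)  # raises ValueError on a malformed address
    return f"address=/{domain}/{ip}"

def unbound_lines(domain, ip):
    """Render the equivalent Unbound redirect zone (not from the thread)."""
    rtype = "A" if ipaddress.ip_address(ip).version == 4 else "AAAA"
    return ["server:",
            f'local-zone: "{domain}" redirect',
            f'local-data: "{domain} {rtype} {ip}"']

# Constructed sample data, copied from the names used in the first post.
HOSTS = {"db.mydomain.local": "10.0.0.100", "dc.mydomain.local": "10.0.0.101",
         "cdsw.mydomain.local": "10.0.0.200", "cdsw1.mydomain.local": "10.0.0.201"}
WILDCARDS = {"cdsw.mydomain.local": "10.0.0.200"}

if __name__ == "__main__":
    for q in ("app.cdsw.mydomain.local", "a.b.cdsw.mydomain.local",
              "cdsw1.mydomain.local", "xcdsw.mydomain.local"):
        print(f"{q:28} -> {resolve(q, HOSTS, WILDCARDS)}")
    print(dnsmasq_line("cdsw.mydomain.local", "10.0.0.200"))
    print("\n".join(unbound_lines("cdsw.mydomain.local", "10.0.0.200")))
```

Because the entry answers for every name under `cdsw.mydomain.local`, not only the ones the service uses, a mistyped or unexpected subdomain will also resolve to 10.0.0.200 instead of failing.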