OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: Olodin on September 26, 2017, 02:37:17 pm

Title: DHCP leases not resolvable in unbound
Post by: Olodin on September 26, 2017, 02:37:17 pm
I have set unbound to "Register DHCP leases in the DNS Resolver" and "Register DHCP static mappings in the DNS Resolver" but am unable to resolve new DHCP leases.

What I found so far is that /var/unbound/dhcpleases.conf is written and the data is OK. Simply restarting unbound will help to resolve new hosts from dhcpleases.conf.
It seems that unbound is not triggered to read the changed file.

The box is currently running 17.7.3.

This is unbound config:
Code:
  <unbound>
    <custom_options>include:/var/unbound/conf.d/ad-blacklist.conf</custom_options>
    <forwarding>1</forwarding>
    <regdhcp>1</regdhcp>
    <regdhcpstatic>1</regdhcpstatic>
    <active_interface/>
    <outgoing_interface/>

### snip
host entries
### snip

    <hideidentity>1</hideidentity>
    <hideversion>1</hideversion>
    <cache_max_ttl/>
    <cache_min_ttl/>
    <incoming_num_tcp>10</incoming_num_tcp>
    <infra_cache_numhosts>10000</infra_cache_numhosts>
    <infra_host_ttl>900</infra_host_ttl>
    <jostle_timeout>200</jostle_timeout>
    <log_verbosity>1</log_verbosity>
    <msgcachesize>4</msgcachesize>
    <num_queries_per_thread>512</num_queries_per_thread>
    <outgoing_num_tcp>10</outgoing_num_tcp>
    <unwanted_reply_threshold/>
    <enable>1</enable>
    <acls>
      <aclname>nt0010 openvpn adress</aclname>
      <aclaction>allow</aclaction>
      <description>nt0010 openvpn adress</description>
      <row>
        <acl_network>172.16.1.2</acl_network>
        <mask>32</mask>
        <description>nt0010 openvpn adress</description>
      </row>
    </acls>
    <acls>
      <aclname>Openvpn Clients</aclname>
      <aclaction>allow</aclaction>
      <description/>
      <row>
        <acl_network>172.16.7.0</acl_network>
        <mask>24</mask>
        <description/>
      </row>
    </acls>
  </unbound>
Title: Re: DHCP leases not resolvable in unbound
Post by: Olodin on October 04, 2017, 04:51:32 pm
Hi,
still have that problem. Today I will update this box to 17.7.4, but I don't think this will help (from reading the changelog).

Since I cannot see any error in the logfiles, and because restarting unbound always means a service interruption of about 2-3 seconds, I am using this script to manually reload unbound:

Code:
#!/bin/sh
# Send SIGHUP to unbound through OPNsense's PHP helpers so it re-reads its configuration
echo "<?php
require_once('services.inc');
require_once('util.inc');
killbypid('/var/run/unbound.pid', 'HUP');
exit;
?>
" | /usr/local/bin/php -q

This will make unbound read /var/unbound/dhcpleases.conf.

Could this be a configuration problem?

Is anyone using the DHCP server and unbound on his box and has working DNS resolution of DHCP clients?
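
The manual reload described in the post above can be limited to the moments when /var/unbound/dhcpleases.conf has actually changed. The script below is an added example, not part of the original posts or of OPNsense; the function name, the `run` argument and the checksum file path are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): HUP unbound only when the lease
# include file has changed since the last successful reload.

# reload_if_changed LEASES PIDFILE STAMP
#   returns 0 = HUP sent, 1 = unchanged, 2 = error (nothing signalled)
reload_if_changed() {
    leases=$1 pidfile=$2 stamp=$3

    [ -r "$leases" ] || return 2
    new=$(cksum < "$leases") || return 2
    old=$(cat "$stamp" 2>/dev/null || true)
    [ "$new" != "$old" ] || return 1

    # Accept only a plain PID greater than 1, so a damaged pidfile
    # cannot turn into "kill -HUP -1" or a process-group signal.
    [ -r "$pidfile" ] || return 2
    pid=$(head -n 1 "$pidfile")
    case $pid in
        ''|*[!0-9]*) return 2 ;;
    esac
    [ "$pid" -gt 1 ] || return 2

    kill -HUP "$pid" 2>/dev/null || return 2
    # Record the checksum only after the signal was sent, so a failed
    # attempt is retried on the next run.
    printf '%s\n' "$new" > "$stamp"
}

# Entry point for cron (assumed invocation: sh this_script.sh run).
# The checksum file path is an assumption; the other two paths are from the thread.
if [ "${1:-}" = run ]; then
    reload_if_changed /var/unbound/dhcpleases.conf /var/run/unbound.pid \
        /var/run/unbound_dhcpleases.cksum || [ $? -eq 1 ]
fi
```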