OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: Perun on May 24, 2018, 12:45:37 pm

Title: unbound auto A records?
Post by: Perun on May 24, 2018, 12:45:37 pm
Hi

Unbound seems to add A records for the OPNsense host to the config if I add new networks (2x new WLAN net).
I've found these settings in hosts_entries.conf:

Code:
local-data-ptr: "192.168.60.3 cerber.chao5.int"
local-data: "cerber.chao5.int A 192.168.60.3"
local-data: "cerber A 192.168.60.3"
local-data: "cerber.chao5.int AAAA fe80::6f0:21ff:fe30:3765"
local-data: "cerber AAAA fe80::6f0:21ff:fe30:3765"
local-data-ptr: "192.168.250.3 cerber.chao5.int"
local-data: "cerber.chao5.int A 192.168.250.3"
local-data: "cerber A 192.168.250.3"
local-data: "cerber.chao5.int AAAA fe80::4f0:21ff:fe30:3765"
local-data: "cerber AAAA fe80::4f0:21ff:fe30:3765"

but I can't see them in "Host Override" in the WebUI.
Can I delete them without problems?

Greetz
Title: Re: unbound auto A records?
Post by: franco on May 24, 2018, 10:59:24 pm
Hi,

Sorry for the delay... I think there is a German thread for this, too?

You can avoid generation of these entries by selecting specific "Network Interfaces" in Unbound, but this will only avoid generation for unselected interfaces.

And I believe that link-local entries can be disabled using "Register IPv6 link-local addresses in the DNS Resolver".

Beyond that there was no need yet to avoid these entries. In what way do they interfere with your operation?


Cheers,
Franco
Title: Re: unbound auto A records?
Post by: Perun on May 25, 2018, 07:03:30 am
Right, I've asked in the German forum too.

I have other internal DNS servers that I use. I have configured CARP, and unbound should only forward the DNS requests to both of my internal DNS servers on the CARP interfaces. My OPNsense host is only available via GUI on my LAN, and other subnets can reach it only on the DNS port. If unbound overrides the A records for my OPNsense host, then my LAN hosts use these A records and can't reach the router (it has created A records for my WLAN subnets).

Greetz
Title: Re: unbound auto A records?
Post by: Perun on June 06, 2018, 10:43:49 am
I've deleted the A records from the host_entries.conf, but after a restart of unbound they are back...
How can I delete them permanently?
Title: Re: unbound auto A records?
Post by: franco on June 12, 2018, 09:37:44 am
Remove offending lines from /usr/local/etc/inc/plugins.inc.d/unbound.inc -- this will not survive a firmware upgrade, but it will help to find a better solution mid-term.


Thanks,
Franco
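
An added example, not part of any post in this thread and not OPNsense code: a Python check that parses Unbound `local-data` lines like those quoted above and lists the records for the firewall's name that point outside the network on which clients are meant to reach it. The `192.168.1.0/24` management network and the `192.168.1.3` sample lines are assumptions, since the thread does not state the LAN subnet.

```python
import ipaddress
import re

# Sample modelled on the entries quoted in the thread; the 192.168.1.3 LAN
# lines are constructed for this example (the thread gives no LAN subnet).
SAMPLE = '''\
local-data-ptr: "192.168.1.3 cerber.chao5.int"
local-data: "cerber.chao5.int A 192.168.1.3"
local-data: "cerber.chao5.int A 192.168.60.3"
local-data: "cerber A 192.168.60.3"
local-data: "cerber.chao5.int AAAA fe80::6f0:21ff:fe30:3765"
local-data: "cerber.chao5.int A 192.168.250.3"
'''

# name, optional TTL, optional class, record type, address
LOCAL_DATA = re.compile(
    r'^\s*local-data:\s*"(\S+)\s+(?:\d+\s+)?(?:IN\s+)?(A|AAAA)\s+(\S+)"\s*$')


def parse_local_data(text):
    """Return (name, rrtype, address) for every A/AAAA local-data line."""
    records = []
    for line in text.splitlines():
        m = LOCAL_DATA.match(line)
        if not m:
            continue  # local-data-ptr lines, comments, other record types
        name, rrtype, addr = m.groups()
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue  # malformed address, nothing to audit
        records.append((name.rstrip(".").lower(), rrtype, ip))
    return records


def audit(text, hostname, mgmt_net):
    """List records for hostname (FQDN or short name) that LAN clients cannot use."""
    net = ipaddress.ip_network(mgmt_net)
    wanted = {hostname.lower(), hostname.split(".")[0].lower()}
    findings = []
    for name, _rrtype, ip in parse_local_data(text):
        if name not in wanted:
            continue
        if ip.is_link_local:
            findings.append((name, str(ip), "link-local"))
        elif ip not in net:  # also true for any address of the other IP version
            findings.append((name, str(ip), "outside management network"))
    return findings
```

Calling `audit()` on the contents of the generated host entries file after each interface change shows whether new per-interface records for the firewall's name have appeared.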