17.1 Legacy Series / dns resolver add multiple IP to opnsense box
« on: June 28, 2017, 10:11:17 pm »
Hi,
My OPNsense box is configured with multiple interfaces and is named fw.mydomain.fr.
It has the DNS resolver enabled in forwarding mode.
When an internal client tries to resolve fw.domain.fr it receives a lot of IPs, causing horrible lag when trying to connect via browser to the FW, as the reachable interface is the last in the DNS answer.
Code:
dig fw.home.wospe.fr
; <<>> DiG 9.8.3-P1 <<>> fw.mydomain.fr
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50769
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;fw.mydomain.fr. IN A
;; ANSWER SECTION:
fw.mydomain.fr. 3600 IN A 192.168.4.1
fw.mydomain.fr. 3600 IN A 192.168.2.1
fw.mydomain.fr. 3600 IN A 192.168.1.1
How can I limit the answer to only the last one? Don't know which setting causes this answer?
Is there a better approach to reach my opnbox via FQDN?
PS: my box is HTTPS exposed to the internal LAN via haproxy + Let's Encrypt plugin.
Thanks for any hint or help.