Hello!
First of all, what I want to do is to reach devices on another VLAN/subnet via hostname instead of IP address. OpnSense is the DNS server, or should be at least :)
Fresh install of latest version of OpnSense. Just created 2 new VLANs/interfaces, added firewall rules to allow any traffic anywhere on both of them for testing.
VLAN 10: 192.168.10.0/24, OpnSense/gateway/DNS address is 192.168.10.1.
VLAN 20: 192.168.20.0/24, OpnSense/gateway/DNS address is 192.168.20.1.
DHCP enabled, and it's giving out 192.168.10.1 as DNS for the VLAN 10, and 192.168.20.1 for the VLAN 20.
Tested with 2 Windows clients on the same VLAN. ping "vm-win11test2" as well as ping "192.168.10.102" works great. Ping to the OpnSense hostname works great also, but responds from the WAN interface of the OpnSense, which has another upstream DNS server on the WAN side of course.
Tested to move one client to the other VLAN. ping "vm-win11test2" gives nothing, "Ping request could not find host vm-win11test2". Ping "192.168.20.102" works great on the other hand, so it's reachable.
Checked firewall logs and cannot find anything blocked (should not be either, since everything is "open" with the any rules).
I get the feeling that the OpnSense DNS server either only resolves addresses on the local interface where the client is connected, or is not using the local DNS at all - forwarding it to the DNS on the WAN interface directly, which is a separate device. But if that would be the case, it should probably still work I guess, since both clients on both VLANs should act the same.
I'm probably just missing some basic fundamental thing here with my lack of experience of DNS servers, can someone point me in the right direction? Feeling incredibly stupid at the moment, "how hard can it be?" :)
Thanks!