Topic: Resolving LAN hosts (reverse) in log files with local DNS servers? (Read 5796 times)
epoch, April 30, 2016, 02:08:41 pm
I have set up OPNsense 16.1.12-amd64 to use the following servers:
127.0.0.1
208.67.220.220
208.67.220.222
8.8.4.4
8.8.8.8
DNS resolver is not configured (I don't know that I need it.)
DNS forwarder is configured as this:
Enable DNS Forwarder [X]
Register DHCP leases in DNS forwarder [X]
Register DHCP static mappings in DNS forwarder [X]
Resolve DHCP mappings first [X]
Query DNS servers sequentially [X]
Require domain [X]
Do not forward private reverse lookups [ ]
Listen Port [ ]
Interfaces [All]
Strict Interface Binding [ ]
Domain Overrides:
lan 192.168.1.253 Authoritative DNS on dns.lan
1.168.192-in.addr.arpa 192.168.1.253 Authoritative DNS on dns.lan - Reverse
(along with other "!" domain entries to selectively block forward or reverse lookups forwarding)
In dnsmasq logs I can read this:
Apr 30 13:35:43 dnsmasq[22219]: read /etc/hosts - 9 addresses
Apr 30 13:35:43 dnsmasq[22219]: using nameserver 8.8.8.8#53
Apr 30 13:35:43 dnsmasq[22219]: using nameserver 8.8.4.4#53
Apr 30 13:35:43 dnsmasq[22219]: using nameserver 208.67.220.222#53
Apr 30 13:35:43 dnsmasq[22219]: using nameserver 208.67.220.220#53
Apr 30 13:35:43 dnsmasq[22219]: ignoring nameserver 127.0.0.1 - local interface
Apr 30 13:35:43 dnsmasq[22219]: using local addresses only for domain foo
Apr 30 13:35:43 dnsmasq[22219]: using local addresses only for domain bar
Apr 30 13:35:43 dnsmasq[22219]: using local addresses only for domain baz
Apr 30 13:35:43 dnsmasq[22219]: using local addresses only for domain qux
Apr 30 13:35:43 dnsmasq[22219]: using local addresses only for domain 172-in.addr.arpa
Apr 30 13:35:43 dnsmasq[22219]: using nameserver 192.168.1.253#53 for domain lan
Apr 30 13:35:43 dnsmasq[22219]: using nameserver 192.168.1.253#53 for domain 1.168.192-in.addr.arpa
...
When I ask for a reverse lookup for, say, 192.168.1.252 in the firewall logs, I only get "cannot resolve."
This works from any other host on the LAN, e.g.:
$ dig +nocmd +noquestion -x 192.168.1.252
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26031
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
252.1.168.192.in-addr.arpa. 1800 IN PTR odessa.lan.
;; Query time: 0 msec
;; SERVER: 192.168.1.253#53(192.168.1.253)
;; WHEN: Sat Apr 30 13:43:05 2016
;; MSG SIZE rcvd: 68
I went to the shell on OPNsense. I can resolve forward:
# dig +nocmd +noquestion odessa.lan
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54598
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; ANSWER SECTION:
odessa.lan. 1625 IN A 192.168.1.252
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Apr 30 13:48:45 CEST 2016
;; MSG SIZE rcvd: 55
But the reverse lookup gives this:
# dig -x 192.168.1.252
; <<>> DiG 9.10.3-P4 <<>> -x 192.168.1.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41946
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;252.1.168.192.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
252.1.168.192.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 1 600 1200 604800 10800
;; Query time: 14 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Apr 30 13:46:10 CEST 2016
;; MSG SIZE rcvd: 114
How can I get OPNsense to forward reverse lookups to other private DNS servers?
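Added example, not part of the original post: a check of which per-domain forwarder a query name falls under, using the label-wise suffix match that dnsmasq applies to domain-specific servers, run against the override names exactly as written in the post. The function names are hypothetical, and the 192.168.1.0/24 network is an assumption based on the addresses in the post.

```python
import ipaddress

# Domain overrides exactly as listed in the post (domain -> server).
PAGE_OVERRIDES = {
    "lan": "192.168.1.253",
    "1.168.192-in.addr.arpa": "192.168.1.253",
}

def labels(name):
    """Split a DNS name into lowercase labels, ignoring a trailing dot."""
    return [p for p in name.lower().rstrip(".").split(".") if p]

def ptr_name(ip):
    """PTR query name for an address, e.g. 252.1.168.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

def reverse_zone(network):
    """Reverse zone name for an IPv4 network on an octet boundary."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only IPv4 /8, /16 and /24 are handled here")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def matching_override(qname, overrides):
    """Return (domain, server) for the longest override that is a
    label-wise suffix of qname, or None if no override applies."""
    q = labels(qname)
    best = None
    for domain, server in overrides.items():
        d = labels(domain)
        if d and q[-len(d):] == d:
            if best is None or len(d) > len(labels(best[0])):
                best = (domain, server)
    return best

if __name__ == "__main__":
    # Forward and reverse names from the post, checked against its overrides.
    for name in ("odessa.lan", ptr_name("192.168.1.252")):
        print(name, "->", matching_override(name, PAGE_OVERRIDES))
    # Assumption: the LAN is 192.168.1.0/24, as the addresses in the post suggest.
    zone = reverse_zone("192.168.1.0/24")
    with_zone = dict(PAGE_OVERRIDES, **{zone: "192.168.1.253"})
    print(zone, "->", matching_override(ptr_name("192.168.1.252"), with_zone))
```

With the overrides as written, `odessa.lan` falls under `lan`, while the PTR name for 192.168.1.252 falls under no override; it does once an override named `1.168.192.in-addr.arpa` is present.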