[How-To] - fix nslookup opnsense always resolved with the same vlan gateway

Started by sergiy0, September 26, 2024, 01:21:09 PM

Hello guys,

On my setup I have different VLANs and each one has its own IP. The thing is that OPNsense, I don't know why, is setting /etc/hosts with just one IP.

So when I do an nslookup from any device on any VLAN I was always getting the same server.

In my case every DNS lookup was being redirected to 192.168.20.1 instead of the gateway for the device's VLAN.

So I created a cron job that runs once a day with a script that just removes that line from /etc/hosts.

Create the following files (you can customise script names):

/usr/local/my_custom_scripts/modify_etc_hosts.sh

#!/bin/sh
# Removes the firewall's own entry for 192.168.20.1 from /etc/hosts, i.e.
#   192.168.20.1    OPNsense        OPNsense.localdomain
# The dots are escaped so they match literally, and [[:space:]]\{1,\} matches
# tabs or any run of spaces between the fields. "sed -i ''" is the FreeBSD
# form of in-place editing (the empty string means "no backup file").
sed -i '' '/^192\.168\.20\.1[[:space:]]\{1,\}OPNsense[[:space:]]\{1,\}OPNsense\.localdomain/d' /etc/hosts


Set execution permissions:

chmod +x '/usr/local/my_custom_scripts/modify_etc_hosts.sh'


/usr/local/opnsense/service/conf/actions.d/actions_modify_etc_hosts.conf

[modify_etc_hosts]
command:/usr/local/my_custom_scripts/modify_etc_hosts.sh
parameters:
type:script
message:modifying /etc/hosts
description:Modify /etc/hosts


Now restart the service:

service configd restart


Open System > Settings > Cron and create a new job:



With the above set up it will run daily at 00:00. You can customise it to the time that suits you better.

Edit Services > Unbound DNS > Overrides:




You can test the script by running it manually:

Before running the script:

cat /etc/hosts

127.0.0.1       localhost       localhost.localdomain
::1             localhost       localhost.localdomain
192.168.20.1    OPNsense        OPNsense.localdomain


Output from one client on the VLAN whose gateway is 192.168.30.1:

nslookup opnsense

Server:  192.168.20.1
Address:  192.168.20.1:53

Non-authoritative answer:
Name:    opnsense.localdomain
Address:  192.168.20.1



cd /usr/local/my_custom_scripts
./modify_etc_hosts.sh


After running the script:

cat /etc/hosts

127.0.0.1       localhost       localhost.localdomain
::1             localhost       localhost.localdomain



nslookup opnsense

Server:  192.168.30.1
Address:  192.168.30.1:53

Non-authoritative answer:
Name:    opnsense.localdomain
Address:  192.168.30.1
Name:    opnsense.localdomain
Address:  192.168.40.1
Name:    opnsense.localdomain
Address:  192.168.50.1
Name:    opnsense.localdomain
Address:  192.168.10.1
Name:    opnsense.localdomain
Address:  192.168.20.1
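The one-line sed above is tied to the exact whitespace of the line it deletes and to FreeBSD's `sed -i ''`, and it rewrites /etc/hosts in place while Unbound and other resolvers may be reading it. Below is an added, more defensive version of the same script, written by the editor and not part of sergiy0's post: it matches on fields rather than literal spacing (so tabs or spaces both work), is idempotent (safe to run from cron every day, or more often), writes through a temporary file and `mv` so the file is replaced atomically, and returns the number of lines it removed so the cron job has something to log. The file path, hostname and IP are passed as arguments; `/etc/hosts`, `OPNsense` and `192.168.20.1` are only the values from the post and are assumptions here. It uses awk instead of sed so the same script also runs on Linux for testing. Because configd runs the action as root, the script directory (`/usr/local/my_custom_scripts` in the post) should be owned by root and not group- or world-writable, otherwise anyone who can write there gets root at 00:00.

```shell
#!/bin/sh
# Added example (editor's code, not from the original post): drop the
# firewall's own hosts entry for one specific IP from a hosts file.
#
# Usage:  strip_self_host.sh /etc/hosts OPNsense 192.168.20.1
# Prints the number of lines removed (0 when there was nothing to do).

# hosts_has_entry FILE IP HOST -> exit 0 if a line "IP HOST ..." exists
hosts_has_entry() {
    awk -v ip="$2" -v h="$3" '
        $1 == ip && $2 == h { found = 1 }
        END { exit !found }
    ' "$1"
}

# strip_self_host FILE HOST IP -> removes every line whose first field is
# exactly IP and whose second field is exactly HOST; echoes the count removed.
strip_self_host() {
    hosts_file=$1
    host_name=$2
    bad_ip=$3

    # Temp file in the same directory so the final mv is an atomic rename.
    tmp=$(mktemp "${hosts_file}.XXXXXX") || return 2

    # awk splits on any run of spaces/tabs, so the literal spacing of the
    # line does not matter (the sed in the post depends on it).
    awk -v ip="$bad_ip" -v h="$host_name" '
        $1 == ip && $2 == h { next }   # skip the offending line(s)
        { print }
    ' "$hosts_file" > "$tmp" || { rm -f "$tmp"; return 2; }

    before=$(wc -l < "$hosts_file")
    after=$(wc -l < "$tmp")

    # /etc/hosts must stay world-readable; mktemp creates it 0600.
    chmod 0644 "$tmp"
    mv -f "$tmp" "$hosts_file" || { rm -f "$tmp"; return 2; }

    echo $((before - after))
}

# Only act when invoked with the three arguments; sourcing the file for
# tests defines the functions without touching any hosts file.
if [ $# -eq 3 ]; then
    removed=$(strip_self_host "$1" "$2" "$3") || exit $?
    logger -t strip_self_host "removed $removed line(s) from $1"   # shows up in System > Log Files
    exit 0
fi
```

For the configd action in the post, point `command:` at this script and put the three arguments in `parameters:`. Since OPNsense regenerates /etc/hosts when the system configuration is applied, the daily cron only restores the workaround after the fact; if that window matters, run the job more often.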