DNSMASQ Alias -> to cname records

Started by feelx, June 07, 2025, 09:01:30 PM

Hello Team, I noticed that if you use DNSMasq and add static Hosts the FQDN alias will also be a host entry for the IPv4 address in the Host file.

Could that be changed into the DNSMASQ CNAME Syntax? That would also allow all IP-Addresses for the host to have the alias.

from DNSMASQ
> --cname=<cname>,[<cname>,]<target>[,<TTL>]
>     Return a CNAME record which indicates that <cname> is really <target>. There is a significant limitation on the target; it must be a DNS record which is known to dnsmasq and NOT a DNS record which comes from an upstream server. The cname must be unique, but it is permissible to have more than one cname pointing to the same target. Indeed it's possible to declare multiple cnames to a target in a single line, like so: --cname=cname1,cname2,target
>
>     If the time-to-live is given, it overrides the default, which is zero or the value of --local-ttl. The value is a positive integer and gives the time-to-live in seconds.

I also stumbled across this. I raised a GitHub issue to address this directly: https://github.com/opnsense/core/issues/8821

While the team is working on this issue I kind of solved (it's more or less a workaround, not a solution) it using the Unbound Advanced Configuration.

I created a file cnames.conf under /usr/local/etc/unbound.opnsense.d with entries like this:

local-data: "host.domain.de CNAME anotherhost.domain.de"

Works like a charm.

I'm not sure if it's an issue.

Both Unbound and Dnsmasq use the same approach when it comes to aliases, they get created as A or AAAA-Records, not as cnames.

So it's more in the realm of a feature request in both.
Hardware:
DEC740

June 20, 2025, 01:57:08 PM #4 Last Edit: June 20, 2025, 02:00:19 PM by olmo1501
Agreed. I used the term "issue" in the meaning of "not working as expected" and not "this is a bug".

If we are talking about the Alias-Record-Type then returning IPv4- and IPv6-addresses must be expected. And that's what it does right now. And with a dynamic prefix and the use of a constructor an IPv6-address cannot be returned. I totally understand that.

So let's talk about the use of CNAME instead of Alias. That would work around the problem of not being able to return an IPv6-address. I cannot think of any side effects right now.

I understand the issue, though I'm not sure aliases can just be swapped out for cnames in the same mask without any other side effects for current users. They have been around for many years exactly like this, so there are lots of old configurations around that might rely on them exactly as they are right now.

CNAMEs would probably need their own grid with their own validations, they must be unique for example... kinda annoying cause the current aliases do not have to be unique.

This all puts it more in the realm of a feature request, which might be possible if the github issue is reworded a little. Definitely something to discuss.

Hardware:
DEC740
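
The validations mentioned above (unique cnames, target known locally), sketched as an added example that is not part of any post here and is not OPNsense or dnsmasq code. The function names are hypothetical, treating a trailing all-digit field as the TTL is an assumption, and the host-record collision check follows the general DNS rule that a CNAME cannot share a name with other records:

```python
def parse_cname(line):
    """Parse 'cname=<cname>,[<cname>,]<target>[,<TTL>]' into (aliases, target, ttl)."""
    key, _, value = line.strip().partition("=")
    if key.strip().lstrip("-") != "cname":
        raise ValueError("not a cname line")
    fields = [f.strip().rstrip(".").lower() for f in value.split(",")]
    ttl = None
    # Assumption: a trailing all-digit field after <cname>,<target> is the TTL.
    if len(fields) >= 3 and fields[-1].isdigit():
        ttl = int(fields.pop())
    if len(fields) < 2 or not all(fields):
        raise ValueError("need at least <cname>,<target>")
    return fields[:-1], fields[-1], ttl


def check_cnames(lines, local_names):
    """Return (line_number, message) for every constraint a cname line violates."""
    known = {n.rstrip(".").lower() for n in local_names}
    first_seen = {}  # alias -> line number where it was first declared
    problems = []
    for lineno, line in enumerate(lines, 1):
        try:
            aliases, target, _ttl = parse_cname(line)
        except ValueError as exc:
            problems.append((lineno, f"syntax: {exc}"))
            continue
        # The target must be a record dnsmasq knows itself, not an upstream one.
        if target not in known:
            problems.append((lineno, f"target {target} is not a locally known record"))
        for alias in aliases:
            if alias in first_seen:
                problems.append((lineno, f"cname {alias} already declared on line {first_seen[alias]}"))
            else:
                first_seen[alias] = lineno
            if alias in known:
                problems.append((lineno, f"cname {alias} also exists as a host record"))
    return problems


# Constructed sample data: names dnsmasq serves locally, and candidate cname lines.
LOCAL_NAMES = {"anotherhost.domain.de", "nas.domain.de"}
SAMPLE = [
    "cname=host.domain.de,anotherhost.domain.de",
    "cname=www.domain.de,web.domain.de,anotherhost.domain.de,300",
    "cname=host.domain.de,nas.domain.de",
    "cname=mail.domain.de,mx.upstream.example",
    "cname=nas.domain.de,anotherhost.domain.de",
]

if __name__ == "__main__":
    for lineno, msg in check_cnames(SAMPLE, LOCAL_NAMES):
        print(f"line {lineno}: {msg}")
```
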

Reworded the GitHub issue to make it sound more like a feature request.