Unbound DNS - Unable to resolve Host Overrides

Started by yodaphone, March 22, 2020, 03:27:22 AM

March 22, 2020, 03:27:22 AM Last Edit: March 22, 2020, 03:30:33 AM by yodaphone
I'm new to OPNsense.

I've configured the host overrides to map internal IPs to hosts. But I can't ping them or connect to them. These hosts are also defined in my Cloudflare DNS server. Instead of resolving the internal IP, it returns the external IP of the firewall.

Any ideas as to why this happens?

For example, my bitwarden.domain.com is mapped to the internal IP 192.168.15.4 in Unbound Host Overrides.
When I ping bitwarden.domain.com, it returns the external IP.

I have exactly the same issue and tried multiple options to resolve this, but none of them worked  :(

However, I had the following observation:

Hosts which are only defined in Unbound (so no A/CNAME in the public DNS) do work:
; <<>> DiG 9.10.6 <<>> localonly.mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: xxxx
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0


Hosts which are defined in Unbound and in the public DNS (with an A or CNAME in the public DNS) do NOT work.
The difference I see is in the number of ANSWER records, which looks like Unbound is passing the public answer to the client instead of the override:
; <<>> DiG 9.10.6 <<>> localnpublic.mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: xxxxx
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
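
The two dig headers above differ in exactly the way a resolver-side check can key on: an answer served from Unbound's own local data carries the aa (authoritative answer) flag and a single A record with the internal address, while a forwarded public answer lacks aa and brings back whatever the public zone holds. The script below is an added example, not code from either poster or from OPNsense; it parses dig output and reports whether a host override was actually applied. The two sample outputs are constructed from the headers quoted in this thread, with 192.168.15.4 taken from the first post and edge.example.net / 203.0.113.10 as placeholder public records that are not in the thread.

```python
import ipaddress
import re

# Constructed sample dig outputs modelled on the two cases in the post above
# (not real captures). Case 1: name exists only in Unbound's host overrides.
DIG_LOCAL_ONLY = """\
; <<>> DiG 9.10.6 <<>> localonly.mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; ANSWER SECTION:
localonly.mydomain.com.\t3600\tIN\tA\t192.168.15.4
"""

# Case 2: name also has a public CNAME/A; the forwarded answer came back
# without the aa flag and pointing at a public address (placeholder values).
DIG_LOCAL_AND_PUBLIC = """\
; <<>> DiG 9.10.6 <<>> localnpublic.mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23456
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; ANSWER SECTION:
localnpublic.mydomain.com.\t300\tIN\tCNAME\tedge.example.net.
edge.example.net.\t300\tIN\tA\t203.0.113.10
"""

# Header line: ";; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, ..."
FLAGS_RE = re.compile(r"^;; flags: ([a-z ]*); QUERY: (\d+), ANSWER: (\d+)", re.M)
# Resource record line: "<name> <ttl> IN <type> <rdata>"
RR_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(\S+)$")


def parse_dig(output):
    """Extract header flags, ANSWER count and the ANSWER SECTION records."""
    m = FLAGS_RE.search(output)
    if not m:
        raise ValueError("no dig header found in output")
    flags = set(m.group(1).split())
    answer_count = int(m.group(3))
    records = []
    in_answer = False
    for line in output.splitlines():
        if line.startswith(";; ANSWER SECTION:"):
            in_answer = True
            continue
        if in_answer:
            # The section ends at the first blank or comment line.
            if not line.strip() or line.startswith(";;"):
                break
            rr = RR_RE.match(line)
            if rr:
                records.append((rr.group(1), rr.group(3), rr.group(4)))
    return {"flags": flags, "answer_count": answer_count, "records": records}


def check_override(output, expected_ip=None):
    """Decide whether the answer came from Unbound's local override data.

    Local data answers are authoritative (aa set) and, for a host override,
    should resolve to a private address; a forwarded public answer has no aa
    flag, so the override was bypassed. expected_ip, if given, must appear
    among the returned A/AAAA records.
    """
    parsed = parse_dig(output)
    addrs = [ipaddress.ip_address(rdata)
             for (_, rtype, rdata) in parsed["records"] if rtype in ("A", "AAAA")]
    authoritative = "aa" in parsed["flags"]
    all_private = bool(addrs) and all(a.is_private for a in addrs)
    matches = expected_ip is None or ipaddress.ip_address(expected_ip) in addrs
    applied = authoritative and all_private and matches
    if applied:
        reason = "authoritative answer with private address: override applied"
    elif not authoritative:
        reason = "no aa flag: answer was forwarded from the public zone, override bypassed"
    else:
        reason = "authoritative answer but address is public or not the expected one"
    return {
        "override_applied": applied,
        "authoritative": authoritative,
        "answer_count": parsed["answer_count"],
        "addresses": [str(a) for a in addrs],
        "reason": reason,
    }


if __name__ == "__main__":
    for name, out in (("local only", DIG_LOCAL_ONLY), ("local + public", DIG_LOCAL_AND_PUBLIC)):
        result = check_override(out, expected_ip="192.168.15.4")
        print(f"{name}: {result['reason']} (ANSWER={result['answer_count']}, {result['addresses']})")
```

Run it against a real capture with `dig @<firewall-ip> bitwarden.domain.com | python3 check.py` style piping if you adapt it to read stdin; the useful signal for the thread's problem is the missing aa flag, which says the client received a forwarded public answer rather than Unbound's local data, independent of what the public zone happens to contain.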


It's working fine here. In fact it wasn't, as I'd recently changed a couple of things and forgotten to put back the overrides; once restored, it all works fine.


Please make sure you flush the DNS cache on the PC you are using to test with. Note I'm also using Cloudflare with SSL.
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.
