How to route to remote VPN machines by hostname?

[baz]

I have two sites connected peer-to-peer through OpenVPN. How can I access machines at the remote site using their hostnames? Somehow my local DNS needs to know about the remote DNS table.

[bartjsmit]

You need to host a secondary remote DNS zone on your local authoritative DNS server and push a search option for that DNS zone through DHCP to your local clients.

Bart...

[baz]

Any idea where to do that in OPNsense with unbound?

[Patrick M. Hausen]

Unbound with different local subdomains on both sides and dynamic updates from DHCP. Then a domain override forwarding requests for the "opposite" subdomain to the responsible unbound.

Both subdomains in domain search path configured via DHCP.

[baz]

> Then a domain override forwarding requests for the "opposite" subdomain to the responsible unbound.

Overriding the domain works perfectly EXCEPT if the VPN disconnects it no longer knows how to reconnect because it can no longer find the public IP. It is looking for it on a dead server. Any idea how to get around that?

[Patrick M. Hausen]

Use a different domain for the VPN endpoints.

[baz]

Somehow I didn't think of that  :-* It was pretty having service1.siteA.domain.com and service2.siteA.domain.com with siteA.domain.com being where you connect, but I guess it's not the end of the world having vpn.siteA.domain.com. Thanks 👍

[Patrick M. Hausen]

Or add a host override for the VPN gateways. Or use IP addresses ... there's more than one way to do it.