DHCPv4 DNS Registrations Unbound - Multiple Interfaces

gentoorax:
Hi Guys -

I wonder if any of you can help me. I have about 100 VMs, some of which have multiple NICs assigned (different subnets/VLANs for different purposes etc.), all connected to one OPNsense server/gateway. One of these networks is used for management of all of the VMs (locked down through OVN port isolation and various other means).

This management network is used by one of our management servers to run Ansible playbooks against large collections of client machines.

What I'd like to happen is have DNS entries created against DHCP leases for all machines on this management network. I could just enable "Register DHCP leases" in Unbound, but what then happens when a machine with two NICs on different networks, both set to DHCP, registers with Unbound? E.g. vm1 has two NICs on different networks and subnets (mgmt: 10.100.1.2 and other NIC: 10.10.1.2), so which DNS entry will vm1.myorg.local get: will it be 10.100.1.2 or 10.10.1.2? I guess it depends on the order they request DHCP, right?

I still need Unbound to work on all interfaces.

Ideally, what I'd like to happen is have all machines on the management network register like vm1.mgmt.myorg.local (10.100.1.2 being the management address), so that their other NIC, whatever it is used for, can function normally as vm1.myorg.local without having any of its DNS entries overridden.

Any ideas, suggestions?

Cheers.

gentoorax:
I have noticed there is an option in Services -> DHCPv4 -> [MgmtNetwork] -> Domain Name, but this only seems to take effect if I enable static mappings, and I don't really want to do that.

franco:
Isn't this the same as https://forum.opnsense.org/index.php?topic=24084.0 ?


Cheers,
Franco

gentoorax:
Thanks, I had tried searching for this before posting, but I think it's because in my situation it's not just VLANs, so I didn't search for that. However, it looks like this still applies, so basically there isn't a solution for this. :(

I would have thought that if Unbound is aware of the subnet or interface it received the DHCP request on, it could look up the domain name provided against the interface configuration.

If I can ever find the time, I might look to see if I can develop a solution. I guess I will make do without this or look for some other workaround in the meantime.
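
The per-subnet lookup described in the last post, sketched as an added example that is not part of the thread and is not OPNsense's own code: it reads ISC dhcpd lease blocks and emits Unbound `local-data` lines with a domain chosen by the lease's subnet. The /24 masks, the `SUBNET_DOMAINS` map and the sample leases are assumptions constructed for illustration; the addresses and domain names are the ones from the question.

```python
import ipaddress
import re

# Assumed subnet -> domain map; the /24 masks are assumptions, the names are the thread's.
SUBNET_DOMAINS = {
    ipaddress.ip_network("10.100.1.0/24"): "mgmt.myorg.local",
    ipaddress.ip_network("10.10.1.0/24"): "myorg.local",
}

# Constructed sample in ISC dhcpd.leases format (not real lease data).
SAMPLE_LEASES = """
lease 10.100.1.2 {
  binding state active;
  client-hostname "vm1";
}
lease 10.10.1.2 {
  binding state active;
  client-hostname "vm1";
}
lease 10.10.1.9 {
  binding state free;
  client-hostname "old-vm";
}
lease 10.10.1.7 {
  binding state active;
  client-hostname "evil.example";
}
"""

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
ACTIVE_RE = re.compile(r"^\s*binding state active;", re.M)
# The hostname is client-supplied: accept a single LDH label only, so a lease
# cannot inject dots, quotes or extra directives into the generated config.
HOST_RE = re.compile(r'client-hostname\s+"([A-Za-z0-9-]+)"\s*;')

def unbound_records(leases_text):
    """Return Unbound local-data lines for active leases in known subnets."""
    lines = []
    for addr, body in LEASE_RE.findall(leases_text):
        host = HOST_RE.search(body)
        if not ACTIVE_RE.search(body) or not host:
            continue  # expired/free lease, or missing/unsafe hostname
        ip = ipaddress.ip_address(addr)
        domain = next((d for n, d in SUBNET_DOMAINS.items() if ip in n), None)
        if domain is None:
            continue  # lease from a subnet with no configured domain
        fqdn = f"{host.group(1).lower()}.{domain}"
        lines.append(f'local-data: "{fqdn}. IN A {ip}"')
        lines.append(f'local-data-ptr: "{ip} {fqdn}"')
    return lines
```

With this mapping the two leases for vm1 no longer compete for one name: each address gets its own record under the domain of the subnet it was leased from.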
