Wrong IP for opnsense host

[Nikotine]

I've got a weird issue.
My laptop is connected to my main VLAN 10.25.9.x.
The opnsense router IP is 10.25.9.1.

Yet when I traceroute opnsense.home.example.com (redacted), I see a warning about multiple addresses and I see it uses 10.25.10.1.

Code Select Expand

niek@3cz4n3 ~ % traceroute opnsense.home.example.com         
traceroute: Warning: opnsense.home.example.com has multiple addresses; using 10.25.10.1
traceroute to opnsense.home.example.com (10.25.10.1), 64 hops max, 40 byte packets
1  *
That subnet is used by the wireguard wg0 interface.
Why isn't opnsense.home.example.com resolving to the normal 10.25.9.1?
Which setting should I be looking at, unbound?

[chemlud]

as a starter: what gives

Code Select Expand

ip a

on your laptop? Is the laptop configured for wireguard?

[Patrick M. Hausen]

By default a DNS lookup of "opnsense.my.do.main" returns all IP addresses of all interfaces local to OPNsense.

You can change this by

* Services > Unbound > General > Do not register system A/AAAA records
* Services > Unbound > Overrides - create an entry with the single IP address you prefer

[Nikotine]

as a starter: what gives

Code Select Expand

ip a

on your laptop? Is the laptop configured for wireguard?

This is a Mac, it doesn't work.

Code Select Expand

ifconfig gives a whole lot of interfaces, none of which are for wireguard.
I connect to wireguard using the wireguard app.

By default a DNS lookup of "opnsense.my.do.main" returns all IP addresses of all interfaces local to OPNsense.

You can change this by

* Services > Unbound > General > Do not register system A/AAAA records
* Services > Unbound > Overrides - create an entry with the single IP address you prefer

Do I need both settings, or just one of them?

[Patrick M. Hausen]

If you set the first, you will get no automatic IP address registration for "opnsense.my.do.main", so you probably want the second, too.

[Nikotine]

Thanks, that worked.