Unbound Wildcard Host Overrides - Cant set opnsense to the same domain?

[random_skrub]

Hi there,

Am running into the issue with unbound + wildcard host overrides.

Basically, I want the wildcard domain *.abc.com to be forwarded to 192.168.123.1 where I got a traefik instance running, which serves as a reverse proxy and then routes traffic to internal / external services.

I want my opnsense (opnsense.abc.com) to work with the above rule too.

Problem is, unbound would not start if I set up my opnsense to be part of the abc.com domain in System Settings. Unbound would throw an error

Code: [Select]

error: local-data in redirect zone must reside at top of zone, not at opnsense.abc.com A 192.168.0.1

Id have to point opnsense to a separate domain, e.g. abc.com.arpa .

On the traefik end I would then set up a rule to forward request @ opnsense.abc.com to its IP. It kind of works but opnsense would complain that there’s a possible DNS rebinding attack. I’d have to disable the check in system settings.

So sadly right now the set up would only work with a workaround present. My question is - can I set my opnsense to the domain I desire while also enabling the wildcard host overrides rule in unbound?

Thanks!