Hostnames are not being resolved

Started by kwo1, September 15, 2025, 06:34:15 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 15, 2025, 06:34:15 PM
I've already enabled real-tiome DNS enrichment in Zen Armor, under Settings > DNS Enrichment.  I've added DNS servers to the list as well.  However, when I look at the Recent Devices section, 99% of them show up as "Other Device" instead of showing its actual hostname.  In my Reports, I see MAC addresses for the vast majority of devices, instead of hostnames. 

To troubleshoot, I SSH'd to the server and performed an nslookup, specifying the DNS servers.  (nslookup <IP address of computer> <DNS server IP>) and it was able to resolve to hostname successfully, so this tells me opnsense can successfully reach the DNS server I had specified and process the lookup.  

Any ideas?

Thank you
September 16, 2025, 08:36:06 AM #1
Hi,

Could you verify whether the hostnames appear in the Live Sessions - Connections report under the Source Hostname column?
September 17, 2025, 01:05:27 AM #2
Quote from: sy on September 16, 2025, 08:36:06 AMHi,

Could you verify whether the hostnames appear in the Live Sessions - Connections report under the Source Hostname column?
I looked and the majority of them only show IP addresses.  For the ones that do show hostnames, I confirmed that they do not have an entry under Aliases in OPNsense, nor are they statically defined in Unbound DNS. 

I think I found the root cause of my issue:
  • When I first reported my issue, I had 2 local DNS servers defined under DNS Enrichment.  I removed 1 of them. 
  • The remaining DNS server is a domain controller, and it had its own primary DNS pointed at OPNsense under its NIC adapter settings.  I updated it so that it points to itself as the primary DNS. 
  • Reading online, for domain controllers, the NIC adapter should not be used to specify which DNS to use for recursive DNS lookups.  Instead, a proper DNS forwarder should be configured via the DNS Manager.  I did this, and pointed the forwarder to OPNsense.

With how it was configured previously, I think it was causing a vicious loop of the DC and OPNsense querying each other and not going anywhere. 

Now with the changes I listed above, I see hostnames correctly populating in the Live Sessions view and Reports. 

Hope this helps others.   
Print
Go Up Pages1
User actions