[SOLVED] KEA hostnames in the firewall live view

Started by FredFresh, Today at 12:39:54 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 12:39:54 PM Last Edit: Today at 07:17:33 PM by FredFresh
Hi,

there is a way to see the host names specified in the KEA dhcp reservations (internal subnets) inside the firewall live view log?

In the live view page, activating " Lookup hostnames", I see two times the IP address (for internal IPs) and the domain for the external IPs.

Thanks
Today at 03:41:10 PM #1
I assume the firewall itself must use Unbound as its resolver.

If you go to "System - Administration - General" there shouldnt be any DNS forwarders assigned, and the option that DHCp can override DNS servers should be off.

Then OPNsense will only use 127.0.0.1, forcing all lookups through it.

You can check in this file:

# cat /etc/resolv.conf
Hardware:
DEC740
Today at 05:28:53 PM #2
Correct, I am using unbound dns. The other parameters are already as you mentioned: the external dns system is managed through Unboud and the override setting is disabled.

But still I am seeing just the IPs in the column of the hostnames (both source and destination one).
Today at 05:35:26 PM #3
Can you give an exact example of one of these IPs, and the output of nslookup when querying unbound?
Hardware:
DEC740
Today at 06:41:46 PM #4
Hi, here an example:

C:\Users\DD>nslookup 192.168.1.155
Server:  OPNsense.localdomain
Address:  192.168.2.1

*** OPNsense.localdomain non รจ in grado di trovare 192.168.1.155: Non-existent domain
Today at 06:48:15 PM #5 Last Edit: Today at 06:50:37 PM by Monviech (Cedrik)
It looks like Unbound doesnt know the IP address.

It needs a reverse lookup zone (in-addr.arpa)

I dont know if Kea DHCP reservations register reverse lookups inside Unbound.

With dnsmasq though it should work via this tutorial, you can see how the in-addr.arpa TLD is forwarded from Unbound.

https://docs.opnsense.org/manual/dnsmasq.html#dhcpv4-with-dns-registration

Hardware:
DEC740
Today at 07:00:47 PM #6
uh...complicated, I should take my time to carefully read through it.

On unbound i tried to flag the "Register DHCP Static Mappings" as it seems to be what I need, but once I restart the opnsense, unbound does not start because of an error.

If I correctly understand, it could be this https://github.com/opnsense/core/issues/7237
Today at 07:16:51 PM #7
Solved -> https://forum.opnsense.org/index.php?topic=45457.0

Looking in the log of unbound, it was notified an error about a specific hostname....I found I entered that with a " " (space) instead to use an underscore ....

Activating  "Register DHCP Static Mappings", now everything seems to work.

Thank you Cedrik for your time.
Today at 08:11:26 PM #8
Nice job finding that out :)
Hardware:
DEC740
Print
Go Up Pages1
User actions