internal DNS issues

Started by donee, March 11, 2026, 02:34:50 PM

I feel like an idiot. All external DNS worked. I did have any internal hostnames properly resolving internally. I had and still have the issue where internal DNS would not resolve when connected via WireGuard. Now after trying to fix the WireGuard issue internal hosts will not resolve properly anymore.
Luckily external is still working at least.

Quote from: donee on March 11, 2026, 02:34:50 PM
I feel like an idiot.
That sucks, but if you want help you need to post more information about your setup and settings applied ;)
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)

Sorry, that makes sense. There are just so many different settings I did not know where to start. I did a fresh install and searched for the suggested settings and it appears that I should only have to
Unbound DNS: General
check
 Register ISC DHCP4 Leases
 Register DHCP Static Mappings
which I did.

still no luck
I just get

** server can't find client: NXDOMAIN

March 12, 2026, 06:27:39 PM #3 Last Edit: March 12, 2026, 07:39:16 PM by meyergru
I severely doubt that those are the "suggested settings". Maybe you got them from an outdated YouTube video about OPNsense?

How do I know this? For starters, when you look at the official docs, you will find a prominent warning about how ISC DHCP is end-of-life. That means: Do not use it.

Apart from that: If you want your clients to be resolved in internal DNS, you will have to make sure that these things work as intended (and you did not say which work and which do not):

1. Your clients must be registered in your local DNS by "some" means. That could be static reservations and corresponding DNS entries or dynamic reservations. Also, they should register under a domain, such that xxx.aaa.zzz can resolve to an IP. You can also enter DNS names directly without a DHCP entry by just having a DNS override (e.g. in Unbound).

So, how did you register the DNS names and BTW: which DNS service did you use? DNSmasq or Unbound? You did not tell.

2. In order to be able to actually resolve the names, you must have a DNS service running and allow your network's clients to access it.
Which is it and can you reach it (a good test would be "nslookup xxx.aaa.zzz <ip-of-opnsense>")?

3. The best way of telling your clients where to ask for DNS names and what "search domains" (e.g. aaa.zzz) to use would be DHCP.
So: do your clients know the correct DNS server IP and do they look for the correct domain names if you only ask for "xxx"?

You see: "no luck" is one thing - as of now, we do not even know where to start.

"Does not work" is by no means a specification by which anyone can help you. Maybe you should look at this.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
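
The three numbered points in the post above, turned into a triage script. This is an added example, not something posted in the thread; the script name, hostname, domain and firewall IP in the usage comment are placeholders, and the mapping of results to points is an assumption about the most likely cause.

```shell
#!/bin/sh
# Usage (placeholder values): sh dnscheck.sh client home.arpa 192.168.1.1

# classify_lookup: read nslookup output on stdin and print one of
# OK, NXDOMAIN, REFUSED, SERVFAIL, UNREACHABLE or UNKNOWN.
classify_lookup() {
    out=$(cat)
    case "$out" in
        *NXDOMAIN*)  echo NXDOMAIN ;;
        *REFUSED*)   echo REFUSED ;;
        *SERVFAIL*)  echo SERVFAIL ;;
        *"timed out"*|*"no servers could be reached"*) echo UNREACHABLE ;;
        *Name:*)     echo OK ;;
        *)           echo UNKNOWN ;;
    esac
}

# diagnose: map three lookup results onto the numbered points of the post.
#   $1 = FQDN asked directly at the firewall's IP
#   $2 = FQDN asked at the client's configured resolver
#   $3 = short hostname asked at the client's configured resolver
diagnose() {
    case "$1" in
        UNREACHABLE|REFUSED) echo "point 2: DNS service not running or not allowing this network"; return ;;
        NXDOMAIN)            echo "point 1: name is not registered in local DNS"; return ;;
        OK) ;;
        *)                   echo "inconclusive: firewall answered $1"; return ;;
    esac
    if [ "$2" != OK ]; then
        echo "point 3: client's configured DNS server does not resolve the name"
    elif [ "$3" != OK ]; then
        echo "point 3: client has no or the wrong search domain"
    else
        echo "ok: all three lookups resolve"
    fi
}

# run_checks HOST DOMAIN FIREWALL_IP: perform the live lookups.
run_checks() {
    a=$(nslookup "$1.$2" "$3" 2>&1 | classify_lookup)
    b=$(nslookup "$1.$2" 2>&1 | classify_lookup)
    c=$(nslookup "$1" 2>&1 | classify_lookup)
    diagnose "$a" "$b" "$c"
}

# Live lookups only with three arguments; otherwise classify a constructed sample.
if [ "$#" -eq 3 ]; then run_checks "$@"
else printf '%s\n' "** server can't find client: NXDOMAIN" | classify_lookup; fi
```

Run it once from a LAN client and once from a WireGuard peer: a REFUSED or UNREACHABLE result only on the tunnel side points at the resolver's listening interfaces or access rules rather than at name registration.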

I believe the default behavior is a combo of 
Services: Dnsmasq DNS & DHCP and Services: Unbound DNS
which is what I am trying to get working. My external DNS works but I want it so that when a new machine is added to the network via DHCP, its hostname automatically gets added to DNS and it can be resolved anywhere internally. I have never had so much trouble getting this working in the past. Sorry about not being as clear as possible. Hopefully this works better.


PDF print out of Services: Unbound DNS: General
screenshot of Services: Unbound DNS: General

and a screenshot from Services: Dnsmasq DNS & DHCP: Leases