Project

General

Profile

Actions

Feature #129

closed

CNAME support for dnsmasq

Added by znerol znerol over 14 years ago. Updated almost 12 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Web Interface
Target version:
-
Start date:
11/04/2009
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

As of version 2.46 dnsmasq supports limited support for CNAME entries(1,2). When i was about to test the attached patch on an installation of pfSense 1.2.2, the included version of dnsmasq is too old (2.45). I don't currently have the ressources to invest much more time in this issue and therefore just provide the work I've done so far in the hope that someone will pick it up und integrate CNAME support in a future version of pfSense.

1 http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
2 http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html


Files

0001-cname-support-for-dnsmasq.patch (11.4 KB) 0001-cname-support-for-dnsmasq.patch znerol znerol, 11/04/2009 11:46 AM
Actions #1

Updated by Scott Ullrich over 14 years ago

Thanks but we cannot migrate to the new version of DNSMASQ until someone writes a replacement for the isc log scanning option that they removed in haste.

Actions #2

Updated by znerol znerol over 14 years ago

I see. Would'nt it be possible to substitude isc dhcpd entirely with dnsmasq?

Actions #3

Updated by Scott Ullrich over 14 years ago

No. We would loose too many features such as failover-dhcp (CARP).

Actions #4

Updated by znerol znerol over 14 years ago

I did some more research on this matter.

  • There are reasons not to use CNAME records:
    http://cr.yp.to/djbdns/notes.html#aliases
  • I found that there is no problem in having multiple records with the same IP address in /etc/hosts. The pfSense webinterface does not prevent me from entering multiple names (aka A-record) for a single IP address and dnsmasq happily serves them all. For some reason I foolishly thought that this might be a problem...
    pfSense:~#  cat /etc/hosts
    127.0.0.1    localhost localhost.local
    192.168.82.22    pfSense.local pfSense
    192.168.82.22    somehost.local somehost
    192.168.82.22    someotherhost.local someotherhost

So, please close this ticket (wontfix) and forget about it.

Actions #5

Updated by Chris Buechler over 14 years ago

  • Status changed from New to Closed
Actions #6

Updated by allen landsidel almost 12 years ago

I would like to request that this ticket be reopened and the feature reconsidered. Regardless of what DJB may think, there are good reasons to use CNAMEs (or some other form of hostname aliasing).

In our network we have a single intranet server, intranet01. It gets its address from DHCP; in fact, everything on the LAN side of the network gets its address from DHCP, be it static or dynamic. Services hosted by intranet01 have their own hostnames that are accessed via apache named virtual hosting, such as cacti, nagios, svn, and so on. Presently the only way to create these named aliases in pfsense is by IP address, which means the address must be static, and moving the host to a new address or subnet is tedious and error-prone.

Ideally the IP address for a server should only be entered once or never, and aliases used everywhere else, so the address can be changed quickly, easily, and safely.

This problem was demonstrated (somewhat catastrophically) today when we moved DHCP into a different network range, and were left with many invalid and non-working aliases throughout the system that had been created referencing the IP address of a DHCP client; in the aftermath we found that we could not fix these by changing the address to the server name.

Actions #7

Updated by allen landsidel almost 12 years ago

Cancel that, entering new ticket for this in 2.x.

Actions

Also available in: Atom PDF