Feature #129
closed
CNAME support for dnsmasq
0%
Description
As of version 2.46 dnsmasq supports limited support for CNAME entries(1,2). When i was about to test the attached patch on an installation of pfSense 1.2.2, the included version of dnsmasq is too old (2.45). I don't currently have the ressources to invest much more time in this issue and therefore just provide the work I've done so far in the hope that someone will pick it up und integrate CNAME support in a future version of pfSense.
1 http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
2 http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
Files
Updated by Scott Ullrich about 15 years ago
Thanks but we cannot migrate to the new version of DNSMASQ until someone writes a replacement for the isc log scanning option that they removed in haste.
Updated by znerol znerol about 15 years ago
I see. Would'nt it be possible to substitude isc dhcpd entirely with dnsmasq?
Updated by Scott Ullrich about 15 years ago
No. We would loose too many features such as failover-dhcp (CARP).
Updated by znerol znerol about 15 years ago
I did some more research on this matter.
- There are reasons not to use CNAME records:
http://cr.yp.to/djbdns/notes.html#aliases - I found that there is no problem in having multiple records with the same IP address in
/etc/hosts. The pfSense webinterface does not prevent me from entering multiple names (aka A-record) for a single IP address and dnsmasq happily serves them all. For some reason I foolishly thought that this might be a problem...pfSense:~# cat /etc/hosts 127.0.0.1 localhost localhost.local 192.168.82.22 pfSense.local pfSense 192.168.82.22 somehost.local somehost 192.168.82.22 someotherhost.local someotherhost
So, please close this ticket (wontfix) and forget about it.
Updated by
Updated by allen landsidel over 12 years ago
I would like to request that this ticket be reopened and the feature reconsidered. Regardless of what DJB may think, there are good reasons to use CNAMEs (or some other form of hostname aliasing).
In our network we have a single intranet server, intranet01. It gets its address from DHCP; in fact, everything on the LAN side of the network gets its address from DHCP, be it static or dynamic. Services hosted by intranet01 have their own hostnames that are accessed via apache named virtual hosting, such as cacti, nagios, svn, and so on. Presently the only way to create these named aliases in pfsense is by IP address, which means the address must be static, and moving the host to a new address or subnet is tedious and error-prone.
Ideally the IP address for a server should only be entered once or never, and aliases used everywhere else, so the address can be changed quickly, easily, and safely.
This problem was demonstrated (somewhat catastrophically) today when we moved DHCP into a different network range, and were left with many invalid and non-working aliases throughout the system that had been created referencing the IP address of a DHCP client; in the aftermath we found that we could not fix these by changing the address to the server name.
Updated by allen landsidel over 12 years ago
Cancel that, entering new ticket for this in 2.x.