Bug #9190
closed
host override for pfsense box DNS name does not override IP of LAN interface
0%
Description
Setting up a hostoverride in Services -> DNS Resolver -> Host Overrides for the name of the pfSense box itself (configured in System -> General Setup -> Hostname) does not override the IP address returned by the resolver. Querying the resolver for the hostname of the pfSense box with an override in place, the resolver answers with two numerical IP addresses, the one of the LAN interface and the one configured in the host override. I would expect that an override actually overrides everything including the hostname of the pfSense box itself.
Updated by Jim Pingle over 5 years ago
- Status changed from New to Not a Bug
Adding multiple overrides will return multiple records, not override the previous result.
If you must have a different result for that name, use a different hostname in the override or under System > General. Discuss on the forum if you need more info.
Updated by Adrian Zaugg over 5 years ago
Jim Pingle wrote:
Adding multiple overrides will return multiple records, not override the previous result.
If you must have a different result for that name, use a different hostname in the override or under System > General. Discuss on the forum if you need more info.
You did not understand this right:
- hostname of the system is "pfsense"
- lan interface address is 172.16.10.10
- hostoverride is pfsense -> 192.168.100.1
Asking the resolver on that box yields:
nslookup pfsense
Name: pfsense.example
Address: 172.16.10.10
Name: pfsense.example
Address: 192.168.100.1
I would expect that if I override pfsense it is overridden and thus only the answer
Name: pfsense.example
Address: 192.168.100.1
was returned. It is not about multiple overrides.
Updated by Jim Pingle over 5 years ago
I understood it correctly, and it's behaving exactly as expected. The system adds an internal "override" entry for the hostname of the firewall itself. You didn't override that with a new entry, you added another entry to its results.
You can't override an entry for something that is already defined locally, you can only override upstream answers.
Updated by Andrew Bobulsky about 3 years ago
Jim Pingle wrote:
I understood it correctly, and it's behaving exactly as expected. The system adds an internal "override" entry for the hostname of the firewall itself. You didn't override that with a new entry, you added another entry to its results.
I want to move my core network service management into a management VLAN. I've created a new VLAN and thought I could just change some firewall rules and fix the DNS record to move the pfSense admin services into the management VLAN, but this behavior makes that impossible.