On 2/7/21 11:50 AM, Koos Pol via Unbound-users wrote:
On 07-02-2021 at 17:18, tito wrote:
On Sun, 7 Feb 2021 16:25:43 +0100
Koos Pol via Unbound-users<[email protected]> wrote:
Background: I have Unbound running on OPNSense as my home network DNS
server.
Question: Is there a setting to have Unbound resolve plain host names
(*cookie*) against my default LAN domain (*sesame.street*)?
At home, my laptops use /etc/resolv.conf, so everything without a
domain name (*cookie*), automatically gets the local LAN domain for
free (*sesame.street*). Now everything resolves just fine:
*cookie.sesame.street.*
But I'm running into this issue with the Android phones, which seem
to strictly query host names (without the local domain name).
(Of course, they are on DHCP so they do have the local domain name.) As
a result, Unbound doesn't resolve those queries, but forwards
*cookie* to the root servers. Which is kinda silly.
Thanks!
Koos
Hi,
something like this should work:
1) bind the ip of laptops and android phones to their wifi MAC address
so that they get handed out always the same ip and your
internal unbound as dns server
2) set all boxes with wired connections to static ip addresses
3) add: include: "/var/lib/unbound/local-data.conf" to your
unbound.conf file with something like (use your ip):
local-data: "cookie A 192.168.XXX.YYY"
local-data: "cookie.sesame.street A 192.168.XXX.YYY"
4) restart unbound
Ciao,
Tito
Thanks for the suggestion. But that's basically getting back to fixed IP
addresses, albeit centralized. And you need to maintain it. I'm hoping
for an /etc/resolv kind of behavioral switch.
You can implement Tito's recommendations with a DHCP hook script. All
DHCP servers have one. This will keep maintenance to a minimum. If
static IPs are handled through DHCP, then those should be recorded also.
You can write a file like "dhcp.conf" and include it in
/etc/unbound/unbound.conf. However to prevent restarting Unbound
frequently, you also should use unbound-control to insert "local-data:"
Assume Unbound is a pure recursive resolver even though it does have a
few extras. It will not append search or default domain to a host name
query. It won't have other assumptions or shortcuts like dnsmasq or
windows client.
Example from OpenWrt:
https://github.com/openwrt/packages/tree/master/net/unbound/files
(odhcpd.sh)
- Eric
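
A sketch of the hook-script approach discussed in this thread, added here as an example; it is not code from any of the posters or from the OpenWrt script linked above. The one-lease-per-line input format ("IPv4 HOSTNAME") and the function names are assumptions, and because DHCP hostnames are supplied by the client, each one is validated before it is written into a `local-data:` line or passed to unbound-control.

```shell
# Added example (not from the thread): DHCP leases -> Unbound local-data.
# Assumed lease format, constructed for this sketch: "IPv4 HOSTNAME" per line.

# DHCP hostnames are client-supplied: accept only a single DNS label
# (letters, digits, inner hyphens, at most 63 characters).
valid_label() {
    case "$1" in
        ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# Accept only dotted-quad IPv4 with four octets in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read leases on stdin; print records for the bare name and the FQDN,
# silently skipping any line that fails validation.
leases_to_local_data() {
    domain=$1
    while read -r ip host rest; do
        valid_ipv4 "$ip" && valid_label "$host" || continue
        printf 'local-data: "%s A %s"\n' "$host" "$ip"
        printf 'local-data: "%s.%s A %s"\n' "$host" "$domain" "$ip"
    done
    return 0
}

# Load the records into a running Unbound without a restart. Needs
# remote-control enabled, so it is defined here but not called.
push_to_unbound() {
    leases_to_local_data "$1" |
        sed -n 's/^local-data: "\(.*\)"$/\1/p' | unbound-control local_datas
}

# Constructed sample: two good leases, a hostname with a quote, a bad address.
SAMPLE='192.168.1.10 cookie
192.168.1.11 elmo
192.168.1.12 bad"name
192.168.1.999 grover'
printf '%s\n' "$SAMPLE" | leases_to_local_data sesame.street
```

Redirecting the output of `leases_to_local_data` into the included file gives the persistent copy, while `push_to_unbound` updates the running resolver.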