Home / server / Questions / 859975
In Process
jtlindsey
Asked: 2017-07-08 10:41:00 +0800 CST

pfSense DHCP Static Mapping not Working in DNS Resolver

  • 772

I'm using DNS Resolver with a new pfSense v2.3.4 installation with "Register DHCP static mappings in the DNS Resolver" checked

I'm using the same setup in a pfSense installation with dedicated hardware. However, the same configuration doesn't work while running pfSense in VMware ESXi. If I manually add each hostname to hostname overides, it works.

What would prevent pfSense "Register DHCP static mappings in the DNS Resolver" from working?

"Disable DNS Forwarder" is not checked under general settings

Static IP Machine DIG
; <<>> DiG 9.10.3-P4-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52331
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.            IN   NS

;; ANSWER SECTION:
.         211203   IN   NS   j.root-servers.net.
.         211203   IN   NS   a.root-servers.net.
.         211203   IN   NS   f.root-servers.net.
.         211203   IN   NS   c.root-servers.net.
.         211203   IN   NS   d.root-servers.net.
.         211203   IN   NS   b.root-servers.net.
.         211203   IN   NS   e.root-servers.net.
.         211203   IN   NS   l.root-servers.net.
.         211203   IN   NS   i.root-servers.net.
.         211203   IN   NS   m.root-servers.net.
.         211203   IN   NS   g.root-servers.net.
.         211203   IN   NS   k.root-servers.net.
.         211203   IN   NS   h.root-servers.net.

;; Query time: 31 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Fri Jul 07 08:50:55 EDT 2017
;; MSG SIZE  rcvd: 239


DHCP Machine DIG

; <<>> DiG 9.10.3-P4-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14538
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.            IN   NS

;; ANSWER SECTION:
.         200667   IN   NS   m.root-servers.net.
.         200667   IN   NS   l.root-servers.net.
.         200667   IN   NS   h.root-servers.net.
.         200667   IN   NS   c.root-servers.net.
.         200667   IN   NS   b.root-servers.net.
.         200667   IN   NS   i.root-servers.net.
.         200667   IN   NS   e.root-servers.net.
.         200667   IN   NS   a.root-servers.net.
.         200667   IN   NS   k.root-servers.net.
.         200667   IN   NS   d.root-servers.net.
.         200667   IN   NS   f.root-servers.net.
.         200667   IN   NS   j.root-servers.net.
.         200667   IN   NS   g.root-servers.net.

;; Query time: 35 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Fri Jul 07 10:31:38 EDT 2017
;; MSG SIZE  rcvd: 239


nslookup FreeNas
Server:      192.168.0.1
Address:   192.168.0.1#53

** server can't find FreeNas: NXDOMAIN


DHCP example

nslookup tpc1
Server:      192.168.0.1
Address:   192.168.0.1#53

** server can't find tpc1: NXDOMAIN


nslookup tpc1.yodomain
Server:      192.168.0.1
Address:   192.168.0.1#53

Name:   tpc1.yodomain
Address: 192.168.0.146

enter image description here

enter image description here

enter image description here

LAN rules for this network enter image description here

pfsense

1 Answers

  1. If your pfSense LAN interface MAC address does not match the MAC of the physical interface on the esxi machine (it's not clear if you're sharing the LAN vswitch with other VMs besides pfSense) you'll need to set promiscuous mode on the vswitch to get around the vswitch MAC filters) :

    From VSphere 4 Documentation

    Procedure
1. Log in to the VMware vSphere Client and select the host from the inventory panel.    
2. Click the Configuration tab, and click Networking.
3. Click Properties for the vSwitch to edit.
4. In the Properties dialog box, click the Ports tab.
5. Select the vSwitch item and click Edit.
6. In the Properties dialog box, click the Security tab.
By default, Promiscuous Mode is set to Reject, and MAC Address Changes and Forged Transmits are set to Accept.
    • 1