DHCP question

Hello,

I'm running OpenBSD-current with the provided unbound and dhcpd and
I'm trying to accomplish something that I would think should be pretty
straightforward. When my network clients get an IP address from
dhcpd, I'd like to be able to resolve their hostnames via my local
unbound DNS server.

Example:

1. A laptop with the name foo.bar.com asks dhcpd for an IP address
2. The laptop is assigned 192.168.1.50
3. On a second machine on the network, I'd like to ping foo.bar.com
and get 192.168.1.50 resolved

Is there a configuration option for this or some nudge you can give a
n00b to help me figure this out? My Google-Fu has failed me this time
around.

Thanks,
Bryan

Hi Bryan,

AFAIK, neither Unbound nor NSD has the facilities to accept dynamic
updates. You would need to use BIND (in packages) instead of the DNS
servers in base if that is necessary for you.
If desired you can create static entries in DNS for particular systems
and have DHCP look up the address to assign (based on criteria such as
MAC address).

You mean you want the DNS zone bar.com to be updated with the hostname of
your laptop (foo in your case)?
Unbound being a recursive/cache DNS server, that won’t be possible.
You’ll need to set up an authoritative DNS server (like NSD, BIND or Knot,
all of which are available for OpenBSD) to have this.

Cheers,

--
Nico

Thanks for the quick response. I will look into an authoritative server.

As pointed out by someone else, better try with BIND first. I didn't try with NSD and Knot, especially in such a scenario.

For the adventurous, you can probably make/hack something yourself with
unbound-control local_data /RR data/. With local-zones, Unbound is
"authoritative" for the RR data in a zone. (Note there are different
modes for local-zones: transparent, redirect, deny, etc. See man pages
of unbound and unbound-control.)

Cheers,

-- Benno

In these cases you'd probably want some instructions on how to get dhcpd to call a script:
http://jpmens.net/2011/07/06/execute-a-script-when-isc-dhcp-hands-out-a-new-lease/

Another authoritative nameserver that wasn't mentioned is PowerDNS.
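
One way to write the lease hook suggested above, as an added example that is not part of the thread: it validates the client-supplied hostname and address before building the `unbound-control local_data` commands for the A and PTR records. The script's calling convention (hostname and IPv4 address as arguments), the domain and the TTL are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helper): lease -> unbound-control local_data.
# Usage (assumed calling convention): lease-to-unbound.sh <hostname> <ipv4>
LC_ALL=C; export LC_ALL
DOMAIN="lan.example.net"   # assumed local domain
TTL=300                    # assumed TTL

# The hostname is chosen by the client: accept a single DNS label only.
valid_label() {
    case "$1" in
        ""|-*|*-|*[!a-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
}

ptr_name() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo "$4.$3.$2.$1.in-addr.arpa."
}

# Print the A and PTR records for a lease, or fail on bad input.
lease_records() {
    host=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    valid_label "$host" && valid_ipv4 "$2" || return 1
    fqdn="$host.$DOMAIN."
    echo "$fqdn $TTL IN A $2"
    echo "$(ptr_name "$2") $TTL IN PTR $fqdn"
}

if [ "$#" -eq 2 ]; then
    records=$(lease_records "$1" "$2") || { echo "rejected lease data" >&2; exit 1; }
    echo "$records" | while read -r rr; do
        unbound-control local_data $rr   # word-split on purpose; input is validated
    done
fi
```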

I created a similar setup, using unbound as my resolver, and dnsmasq for
dhcp: dnsmasq is both a dns cache and a dhcp server, and can/will serve
the dns hostnames for the dhcp clients.

You run dnsmasq on port 10053 localhost, and set up unbound to use that
for your dhcp assigned domain space.

unbound.conf:

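server:
    # allow queries to 127.0.0.1, where dnsmasq listens
    do-not-query-localhost: no
    # allow private (RFC 1918) addresses in answers for this domain
    private-domain: lan.example.net
    # no DNSSEC chain of trust for this domain, so skip validation
    domain-insecure: lan.example.net

    # turn off the built-in default zone so reverse lookups reach the stub
    local-zone: "168.192.in-addr.arpa." nodefault

# forward and reverse zones are answered by dnsmasq
stub-zone:
    name: "lan.example.net"
    stub-addr: 127.0.0.1@10053

stub-zone:
    name: "168.192.in-addr.arpa."
    stub-addr: 127.0.0.1@10053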

Kind regards,
  Tom