clients on a pfsense with zentyal on local network/domain can't resolve/ping hostnames into ip address to use with Veyon

Question

Hi I have network at a school setup with

pfsense as firewall, router, dhcp and captive portal (for wifi), domain: schoolname.intranet
zentyal: freeradius, ldap, dc, and dns

problem:

clients can't resolve hostnames into ip address, I tried and hostname.schoolname.intranet but neither work.

Business need:

I wanted to be able to use the hostname in veyon so I can have a master computer (teacher's) being able to see other computers on the network and manage them from that master computer, I wanted to do this using the hostname as opposed to the ip address.

some details

there are two networks: 10.20.20.x (wired, pfsense: .1, zentyal: .24 ) and 10.30.30.x (wireless)
client internet connectivity and dns external resolution works fine
dns server issued through dhcp for dhcp clients is 10.20.20.24 (zentyal server)
dns forwarder is enabled in pfsense
zentyal'dns has a forwarder: .1 (pfsense)

if I do dig <hostname> @<pfsense or zentyal ip> it resolves fine

but if I do dig <hostname> I get no resolution

here's sample of a hostname: clementesepxx

fcortxx@benedictoxx:~$ dig clementesepxx

; <<>> DiG 9.16.1-Ubuntu <<>> clementesepxx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4773
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;clementeseptimxx.      IN  A

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: lun jul 25 08:56:39 -05 2022
;; MSG SIZE  rcvd: 45

here's the ping command for same hostname from the same client

fcortxx@benedictoxx:~$ ping clementeseptimol
ping: clementesepxx: Temporary failure in name resolution
fcortxx@benedictoxx:~$ ping clementeseptimol.schoolname.intranet
ping: clementesepxx.schoolname.intranet: Name or service not known
fcortxx@benedictoxx:~$

any guidance or help is appreciate it.

General Setup in pfsense

DHCP service

DNS forwarder Service

Your question is mostly offtopic here as not related to a business setting. But: 1) `ping` is not an adequate tool to troubleshoot DNS 2) Do not put data needed to understand your question in some remote link that can go stale, put everything needed in your question 3) `dig` without `@` queries the locally configured recursive nameserver, which seems to be `127.0.0.53` based on your trace... which is typically the address uses by `systemd-resolved` so look at it. It says `SERVFAIL` which should appear in logfiles, as it is a sign of misconfiguration of something. — Patrick Mevzek, Jul 25 '22 at 16:41
Thank you @PatrickMevzek for the feedback. I've added the pics of my pfsense config and some info about why I need this as a business setting. This afternoon I'll check out the logs as you suggested to see if I can spot something to change. — Francisco Cortes, Jul 26 '22 at 18:38

Francisco Cortes · Answer 1 · 2022-08-01T12:49:20.033

0

this more like a work around but it's been the solution for now that I have now adopted to my problem/issue:

I ended up setting up static mappings on my pfsense box: Under status > dhcp leases, I went ahead and found the boxes that I needed to have a predefined Ip address and I clicked on the plus sign in order to setup static dhcp mappings, I used addressed outside the dhcp pool previously configured for said network.

now on veyon I can use ip addresses instead of hostnames (which I think it's better in the long run instead of hostname to ip lookups)

source: static DHCP mappings

edited Aug 01 '22 at 12:49

answered Jul 28 '22 at 17:14

Francisco Cortes

111
3

Your answer suggests a workable solution to the question is available via another website. The Stack Exchange family of Q&A websites [generally frowns on this type of answer](https://meta.stackexchange.com/questions/8231/are-answers-that-just-contain-links-elsewhere-really-good-answers). Please read [How do I write a good answer?](http://serverfault.com/help/how-to-answer) and consider revising your answer to include the steps required to resolve the issue. – Paul Jul 28 '22 at 17:29
1

Hi @Paul, I have updated my answer in the hope that it would align better with what is expected. thank you for the feedback and let me know if there's still an issue with the answer provided. I want to make sure I contribute in the right way. – Francisco Cortes Aug 01 '22 at 12:52

clients on a pfsense with zentyal on local network/domain can't resolve/ping hostnames into ip address to use with Veyon

1 Answers1