Goal: use DHCP so that each host in the LAN gets an FQDN it can be reached by.
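- DHCPv4 (on OPNsense) → LAN
- DNS server: use the LAN IP of the firewall. Do NOT leave it empty or use 1.1.1.1; otherwise the VMs in your LAN won't use OPNsense as their DNS server.
  - This differs from consumer-grade routers such as Asus. On a consumer router, leaving the field empty usually means: the router (i.e. your gateway) is also your DNS for the LAN. Only when the field is left empty are the DNS servers configured on the router's WAN side used; the Asus router then effectively acts as a DNS relay. In that setup, if the Asus router also has manually assigned IPs in its LAN DHCP settings, and those IPs are given a host name (short name), then the host name together with the domain name set in the LAN DHCP settings provides a DNS-like service for the manually assigned IPs.
    - e.g. manually assigned IP: 192.168.1.2, host name: pod, DHCP domain: lan → pod.lan is an FQDN that the Asus router can resolve when it acts as the DNS server.
    - This amounts to a super-simplified DNS. Note, however, that it requires the DHCP DNS field to be left empty, whereas in OPNsense → DHCP the field must not be left empty (only then is Unbound used).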
- Domain name: use one for your LAN; it should be exactly the same as the one used in System → Settings → General → Domain.
- Set range correctly (skipped in this post).
- Unbound DNS (on OPNsense) → General
- Enable Unbound: true
- Network Interface: ALL
- Register ISC DHCP4 Leases: true
- Register DHCP Static Mappings: true
Then, in your Ubuntu VM, you may want to restart the core networking service to drop the current lease and request a new one from DHCP.
sudo systemctl restart systemd-networkd.service
Then, you should be able to use this command to check:
nslookup [yourboxname].[yourdomain]
If that does not work, check whether your Ubuntu VM is using Unbound (OPNsense) as its DNS server:
resolvectl status
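
The check above can be scripted. This is an added example, not part of the original post: it reads `resolvectl status` output and reports whether the firewall is the only DNS server the VM was handed. The firewall LAN IP 192.168.1.1 and the sample output are constructed assumptions.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. 192.168.1.1 as the firewall's
# LAN IP and the resolvectl output below are constructed for illustration.

# Print each address listed under "DNS Servers:" in `resolvectl status`
# output (stdin). Handles several addresses on one line as well as the
# one-address-per-line continuation that older systemd versions print.
dns_servers() {
  awk '
    /DNS Servers:/ {
      sub(/.*DNS Servers:[ \t]*/, "")
      for (i = 1; i <= NF; i++) print $i
      more = 1; next
    }
    more && NF == 1 && /^[ \t]/ { print $1; next }
    { more = 0 }
  ' | sort -u
}

# check_dns FW_IP < resolvectl-output
# Returns 0: FW_IP is the only resolver; 1: FW_IP missing; 2: FW_IP plus others.
check_dns() {
  local fw_ip="$1" servers extra
  servers=$(dns_servers)
  if ! printf '%s\n' "$servers" | grep -qxF -- "$fw_ip"; then
    echo "FAIL: $fw_ip is not a DNS server here, so Unbound is never asked"
    return 1
  fi
  extra=$(printf '%s\n' "$servers" | grep -vxF -- "$fw_ip" | tr '\n' ' ')
  if [ -n "$extra" ]; then
    echo "WARN: other resolvers can answer instead of Unbound: $extra"
    return 2
  fi
  echo "OK: $fw_ip is the only DNS server"
}

# Constructed sample: DHCP handed out the firewall and a public resolver.
SAMPLE_STATUS=$(cat <<'EOF'
Link 2 (ens18)
    Current Scopes: DNS
Current DNS Server: 1.1.1.1
       DNS Servers: 192.168.1.1 1.1.1.1
        DNS Domain: lan
EOF
)
printf '%s\n' "$SAMPLE_STATUS" | check_dns 192.168.1.1 || true
```

On a real VM, run `resolvectl status | check_dns <firewall LAN IP>` after renewing the lease.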