pfSense DHCP 静态映射在 DNS 解析器中不起作用

tag-icon tag-icon pfsense
pfSense DHCP 静态映射在 DNS 解析器中不起作用

我正在使用 DNS 解析器和新安装的 pfSense v2.3.4,并选中“在 DNS 解析器中注册 DHCP 静态映射”

我在具有专用硬件的 pfSense 安装中使用了相同的设置。但是,在 VMware ESXi 中运行 pfSense 时,相同的配置不起作用。如果我手动将每个主机名添加到主机名覆盖中,它就会起作用。

什么会阻止 pfSense“在 DNS 解析器中注册 DHCP 静态映射”工作?

常规设置下未选中“禁用 DNS 转发器”

Static IP Machine DIG
; <<>> DiG 9.10.3-P4-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52331
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.            IN   NS

;; ANSWER SECTION:
.         211203   IN   NS   j.root-servers.net.
.         211203   IN   NS   a.root-servers.net.
.         211203   IN   NS   f.root-servers.net.
.         211203   IN   NS   c.root-servers.net.
.         211203   IN   NS   d.root-servers.net.
.         211203   IN   NS   b.root-servers.net.
.         211203   IN   NS   e.root-servers.net.
.         211203   IN   NS   l.root-servers.net.
.         211203   IN   NS   i.root-servers.net.
.         211203   IN   NS   m.root-servers.net.
.         211203   IN   NS   g.root-servers.net.
.         211203   IN   NS   k.root-servers.net.
.         211203   IN   NS   h.root-servers.net.

;; Query time: 31 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Fri Jul 07 08:50:55 EDT 2017
;; MSG SIZE  rcvd: 239


DHCP Machine DIG

; <<>> DiG 9.10.3-P4-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14538
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.            IN   NS

;; ANSWER SECTION:
.         200667   IN   NS   m.root-servers.net.
.         200667   IN   NS   l.root-servers.net.
.         200667   IN   NS   h.root-servers.net.
.         200667   IN   NS   c.root-servers.net.
.         200667   IN   NS   b.root-servers.net.
.         200667   IN   NS   i.root-servers.net.
.         200667   IN   NS   e.root-servers.net.
.         200667   IN   NS   a.root-servers.net.
.         200667   IN   NS   k.root-servers.net.
.         200667   IN   NS   d.root-servers.net.
.         200667   IN   NS   f.root-servers.net.
.         200667   IN   NS   j.root-servers.net.
.         200667   IN   NS   g.root-servers.net.

;; Query time: 35 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Fri Jul 07 10:31:38 EDT 2017
;; MSG SIZE  rcvd: 239


nslookup FreeNas
Server:      192.168.0.1
Address:   192.168.0.1#53

** server can't find FreeNas: NXDOMAIN


DHCP example

nslookup tpc1
Server:      192.168.0.1
Address:   192.168.0.1#53

** server can't find tpc1: NXDOMAIN


nslookup tpc1.yodomain
Server:      192.168.0.1
Address:   192.168.0.1#53

Name:   tpc1.yodomain
Address: 192.168.0.146

在此处输入图片描述

在此处输入图片描述

在此处输入图片描述

此网络的 LAN 规则 在此处输入图片描述

答案1

如果您的 pfSense LAN 接口 MAC 地址与 esxi 机器上的物理接口的 MAC 不匹配(不清楚您是否与 pfSense 之外的其他虚拟机共享 LAN vswitch)您需要在 vswitch 上设置混杂模式以绕过 vswitch MAC 过滤器):

VSphere 4 文档

Procedure
1. Log in to the VMware vSphere Client and select the host from the inventory panel.    
2. Click the Configuration tab, and click Networking.
3. Click Properties for the vSwitch to edit.
4. In the Properties dialog box, click the Ports tab.
5. Select the vSwitch item and click Edit.
6. In the Properties dialog box, click the Security tab.
By default, Promiscuous Mode is set to Reject, and MAC Address Changes and Forged Transmits are set to Accept.

相关内容