PfSense DHCP Static Mapping not Working in DNS Resolver

I'm using DNS Resolver with a new pfSense v2.3.4 installation with "Register DHCP static mappings in the DNS Resolver" checked

I'm using the same setup in a pfSense installation with dedicated hardware. However, the same configuration doesn't work while running pfSense in VMware ESXi. If I manually add each hostname to hostname overides, it works.

What would prevent pfSense "Register DHCP static mappings in the DNS Resolver" from working?

"Disable DNS Forwarder" is not checked under general settings

Static IP Machine DIG
; <<>> DiG 9.10.3-P4-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52331
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.            IN   NS

;; ANSWER SECTION:
.         211203   IN   NS   j.root-servers.net.
.         211203   IN   NS   a.root-servers.net.
.         211203   IN   NS   f.root-servers.net.
.         211203   IN   NS   c.root-servers.net.
.         211203   IN   NS   d.root-servers.net.
.         211203   IN   NS   b.root-servers.net.
.         211203   IN   NS   e.root-servers.net.
.         211203   IN   NS   l.root-servers.net.
.         211203   IN   NS   i.root-servers.net.
.         211203   IN   NS   m.root-servers.net.
.         211203   IN   NS   g.root-servers.net.
.         211203   IN   NS   k.root-servers.net.
.         211203   IN   NS   h.root-servers.net.

;; Query time: 31 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Fri Jul 07 08:50:55 EDT 2017
;; MSG SIZE  rcvd: 239


DHCP Machine DIG

; <<>> DiG 9.10.3-P4-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14538
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.            IN   NS

;; ANSWER SECTION:
.         200667   IN   NS   m.root-servers.net.
.         200667   IN   NS   l.root-servers.net.
.         200667   IN   NS   h.root-servers.net.
.         200667   IN   NS   c.root-servers.net.
.         200667   IN   NS   b.root-servers.net.
.         200667   IN   NS   i.root-servers.net.
.         200667   IN   NS   e.root-servers.net.
.         200667   IN   NS   a.root-servers.net.
.         200667   IN   NS   k.root-servers.net.
.         200667   IN   NS   d.root-servers.net.
.         200667   IN   NS   f.root-servers.net.
.         200667   IN   NS   j.root-servers.net.
.         200667   IN   NS   g.root-servers.net.

;; Query time: 35 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Fri Jul 07 10:31:38 EDT 2017
;; MSG SIZE  rcvd: 239


nslookup FreeNas
Server:      192.168.0.1
Address:   192.168.0.1#53

** server can't find FreeNas: NXDOMAIN


DHCP example

nslookup tpc1
Server:      192.168.0.1
Address:   192.168.0.1#53

** server can't find tpc1: NXDOMAIN


nslookup tpc1.yodomain
Server:      192.168.0.1
Address:   192.168.0.1#53

Name:   tpc1.yodomain
Address: 192.168.0.146

LAN rules for this network

Best Answer

If your pfSense LAN interface MAC address does not match the MAC of the physical interface on the esxi machine (it's not clear if you're sharing the LAN vswitch with other VMs besides pfSense) you'll need to set promiscuous mode on the vswitch to get around the vswitch MAC filters) :

From VSphere 4 Documentation

Procedure
1. Log in to the VMware vSphere Client and select the host from the inventory panel.    
2. Click the Configuration tab, and click Networking.
3. Click Properties for the vSwitch to edit.
4. In the Properties dialog box, click the Ports tab.
5. Select the vSwitch item and click Edit.
6. In the Properties dialog box, click the Security tab.
By default, Promiscuous Mode is set to Reject, and MAC Address Changes and Forged Transmits are set to Accept.

Best Answer

Related Solutions

PFsense not working with second subnet

PfSense – DHCP Relay

Related Topic