
dns/rfc2136: Do DNS request additionally or instead of cachedipv4 variable

Open 459below opened this issue 2 years ago • 0 comments

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

  • [x] I have read the contributing guidelines at https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md
  • [x] I have searched the existing issues, open and closed, and I'm convinced that mine is new.
  • [x] When the request is meant for an existing plugin, I've added its name to the title.

Is your feature request related to a problem? Please describe.

When the DNS record which the rfc2136 plugin is handling is changed somehow from somewhere else, I experienced that the plugin will not notice this at all. Hence, the IP will remain wrong for probably 25 days according to the hard-coded $maxCacheAgeSecs variable.

I have read through rfc2136.inc and it looks to me that the plugin only considers $cachedipv4, which in turn it takes internally from the interface or by an external request to determine the IP address. I think it never checks the actual currently set A record of the NS in question.

Describe the solution you'd like

One could simply add a DNS request on the hostname we want to handle and put it in a variable like $currentdnsrecord. Comparing $currentdnsrecord with $wanip here https://github.com/opnsense/plugins/blob/bea60a2883fb81a2fb213e98899265e477fa003b/dns/rfc2136/src/etc/inc/plugins.inc.d/rfc2136.inc#L157C1-L158C1 should then effectively resynchronize what dns/rfc2136 believes the IP is and what the rest of the world sees.

I have this exact approach running on a shell script which worked well for years. I could work on a PR implementing this here in the plugin, however, before I put in the time I would like to give maintainers a chance to chime in on whether this approach is even acceptable to them.

Describe alternatives you've considered

I tried an OPNsense cron job running "RFC 2136 Update" to force an update, however, this seems to remain without effect. I suppose because only $cachedipv4 and the current IP in $wanip are considered, but not what the DNS server has set as an A record for the hostname in question.

459below, Dec 09 '23 13:12
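
The comparison proposed in the issue, sketched as an added shell example (not the reporter's script and not code from the rfc2136 plugin): a published A record that differs from the WAN IP is treated as a reason to update even when the cached IP still matches. The function names, the lookup-failure policy, the 25-day figure used in the usage comment and the sample answer are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: drift check between the cached IP, the WAN IP and the
# A record actually published. All function names are hypothetical.

# Keep only IPv4 literals from `dig +short` output (CNAME targets and
# error text are dropped), one per line, sorted and de-duplicated.
extract_a_records() {
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' | sort -u
}

# Query the authoritative server directly so that a caching resolver
# cannot hide a change made elsewhere. Needs network access and dig.
lookup_published() {  # $1 = hostname, $2 = authoritative server
    dig +short +time=3 +tries=1 A "$1" "@$2" | extract_a_records
}

# Print why an RFC 2136 update is needed and return 0,
# or print "in-sync" and return 1.
# $1 WAN IP, $2 cached IP, $3 cache age (s), $4 max cache age (s),
# $5 published A records (newline separated; empty if the lookup failed)
update_reason() {
    wan=$1 cached=$2 age=$3 max_age=$4 published=$5
    if [ "$wan" != "$cached" ]; then echo "wan-changed"; return 0; fi
    if [ "$age" -gt "$max_age" ]; then echo "cache-expired"; return 0; fi
    # Assumed policy: a failed lookup is not evidence of drift, so fall
    # back to the cache decision instead of updating blindly.
    if [ -z "$published" ]; then echo "in-sync"; return 1; fi
    # Only a single record equal to the WAN IP counts as in sync;
    # a stale or additional A record is reported as drift.
    if [ "$published" != "$wan" ]; then echo "dns-drift"; return 0; fi
    echo "in-sync"; return 1
}

# Constructed sample of `dig +short` output: a CNAME target line
# followed by a stale address (documentation ranges, not real hosts).
SAMPLE_ANSWER='edge.example.net.
198.51.100.7'

# Usage, with 2160000 s standing in for the 25 days named in the issue:
#   pub=$(lookup_published host.example.net ns1.example.net)
#   update_reason "$wanip" "$cachedipv4" "$age" 2160000 "$pub"
```
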