New Member
Posts: 1
Registered: ‎08-22-2016
Kudos: 2

UniFi USG local DNS not resolving local hostname correctly

Hello

 

My scenario:

I have a USG-PRO-4 and a USW-24-250W (and some APs). A 10.42.10.1/24 network with DHCP enabled is present; in this network I have server A with IP 10.42.10.192 and hostname "reverseGateway" and server B with IP 10.42.10.15 and hostname "webserver". Server A should reach Server B via the hostname ("ping webserver"), which worked properly until I changed the IP of Server B in the UniFi GUI to a fixed one, 10.42.10.107.

=> Now, when I'm on Server A and execute "ping webserver", it resolves the hostname to the old IP.

Restarted Server A, Server B, gateway, switch... It doesn't work properly.

 

Furthermore, I can see no option in the UniFi controller to specify a local DNS search domain like "localdomain.tld" so that I can reach my server with "webserver.localdomain.tld".

 

Thanks for your help!!

 

Valentin Heß

Ubiquiti Employee
Posts: 5,167
Registered: ‎08-08-2016
Kudos: 5648
Solutions: 355

Re: UniFi USG local DNS not resolving local hostname correctly

The hostnames are registered to the DNS forwarder from the DHCP-provided hostname. There isn't an easy way to get that back out currently in that circumstance. You can do it manually though. Edit /config/dhcpd.leases and remove the "lease x.x.x.x {" through the closing } for that IP, which will prevent it from reappearing unless you switch it back to a DHCP client. Then edit /etc/hosts and remove the hostname from there. 

 

But then adding resolution for a static IP host isn't exactly straightforward at the moment. I'm working through feature lists needed for USG, and a UI for configuring host overrides is among those. For now, that requires a manual config to resolve static IPs.

 

Is the host in question configured with a static IP, or is it still a DHCP client but with a static mapping there? 

UI configuration of the DHCP-assigned default domain is also among the features I have on the list. 
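
The manual cleanup described in the reply above, as an added example that is not part of the original post and is not Ubiquiti code. It reads copies of the two files and prints the cleaned version; the function names are hypothetical, and the sample lease and hosts entries are constructed from the addresses in the first post (the exact line layout of the USG's own files is an assumption).

```shell
#!/bin/sh
# Added example, not Ubiquiti code. Run it against copies of the two files.

# strip_lease IP LEASES_FILE: print the file without any "lease IP { ... }" block.
strip_lease() {
    awk -v ip="$1" '
        $1 == "lease" && $2 == ip && $3 == "{" { skip = 1; next }  # block opens
        skip && $1 == "}"                      { skip = 0; next }  # block closes
        !skip                                  { print }
    ' "$2"
}

# strip_host IP NAME HOSTS_FILE: print the file without lines that map IP to
# NAME or NAME.<domain>. The same name on a different IP is left alone.
strip_host() {
    awk -v ip="$1" -v name="$2" '
        BEGIN { name = tolower(name) }
        $1 == ip {
            for (i = 2; i <= NF; i++) {
                if (substr($i, 1, 1) == "#") break      # rest is a comment
                f = tolower($i)
                if (f == name || index(f, name ".") == 1) next
            }
        }
        { print }
    ' "$3"
}

# Constructed sample data: 10.42.10.15 is the stale DHCP lease for "webserver".
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/dhcpd.leases" <<'EOF'
lease 10.42.10.15 {
  binding state active;
  client-hostname "webserver";
}
lease 10.42.10.192 {
  binding state active;
  client-hostname "reverseGateway";
}
EOF
    cat > "$dir/hosts" <<'EOF'
127.0.0.1 localhost
10.42.10.15 webserver.localdomain webserver
10.42.10.192 reverseGateway.localdomain reverseGateway
EOF
    strip_lease 10.42.10.15 "$dir/dhcpd.leases"
    strip_host 10.42.10.15 webserver "$dir/hosts"
    rm -rf "$dir"
}
demo
```

Diff the output against the original before replacing anything, since a lease file can hold several blocks for the same address and all of them are dropped.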

Emerging Member
Posts: 48
Registered: ‎11-19-2016
Kudos: 56

Re: UniFi USG local DNS not resolving local hostname correctly

Just want to make sure I understand what you just said...

On the USG, if you have DHCP Reservations (fixed IP) for a host, that hostname will NOT be resolvable by the local resolver (and clients on the LAN)? However, if that same host is set to be dynamically assigned, then DNS resolution WILL work for local clients?

Is the issue the fixed IP assignment, or is the issue setting an Alias that overrides the client's registered name?

Frankly, to make it useable, if I set an Alias in the USG (with or without a Fixed IP assignment) that name should be used in the DNS resolver for clients...this is kind of a big deal, as it fundamentally makes the DHCP server in the USG less desirable to use. It also then necessitates disabling DHCP on the USG and instead using a local DHCP server...

Has there been any update on this feature?
Ubiquiti Employee
Posts: 5,167
Registered: ‎08-08-2016
Kudos: 5648
Solutions: 355

Re: UniFi USG local DNS not resolving local hostname correctly


@robpickering wrote:
Just want to make sure I understand what you just said...

On the USG, if you have DHCP Reservations (fixed IP) for a host, that hostname will NOT be resolvable by the local resolver (and clients on the LAN)? However, if that same host is set to be dynamically assigned, then DNS resolution WILL work for local clients?

No, hosts with DHCP reservations have their client-provided client-hostname registered in DNS, same as dynamically assigned clients. OP's situation was switching a dynamic client to a static IP (not reservation), which will eventually clear out the hostname resolution of the DHCP-assigned IP, but not immediately unless you did a DHCP release on the client before setting its IP as static. 

 


@robpickering wrote:

Is the issue the fixed IP assignment, or is the issue setting an Alias that overrides the client's registered name?

Frankly, to make it useable, if I set an Alias in the USG (with or without a Fixed IP assignment) that name should be used in the DNS resolver for clients...this is kind of a big deal, as it fundamentally makes the DHCP server in the USG less desirable to use. It also then necessitates disabling DHCP on the USG and instead using a local DHCP server...

Has there been any update on this feature?

 

Defining an alias and not an IP is a fundamentally difficult thing to get to register in DNS by the nature of how that all works. Not likely to see that for a while if ever. But registering the configured Alias in DNS for hosts with DHCP reservations was done this past week. After testing and review it should be merged in this coming week, so that functionality is on the way.  

Emerging Member
Posts: 48
Registered: ‎11-19-2016
Kudos: 56

Re: UniFi USG local DNS not resolving local hostname correctly

Okay, thanks for the update. I'm less worried about an alias without a Fixed IP being registered properly, if that ends up being a problem, I'll just make a Fixed IP assignment and the problem should be solved.

Looking forward to this update, as this has been a big pain after moving from pfSense to Ubiquiti USG as my primary firewall. I'll see how the update this week works before reverting back...
New Member
Posts: 1
Registered: ‎03-07-2017
Kudos: 2

Re: UniFi USG local DNS not resolving local hostname correctly

I’m about to give up on Ubiquiti fixing this issue that a Linksys for a few bucks can do.

 

My USG-4 is running 4.3.49.5001153 and my Cloud Key is running 5.5.20-9565 with firmware UCK.mtk7623.v0.7.3.5d239c6.170728.1449 … and guess what … I’m not able to resolve any local DNS names on Ubuntu, OSX or iOS devices.

 

After following this issue for over 4 months now – and it’s still not solved – I’m seriously considering selling all of my Ubiquiti products due to disappointment.

Emerging Member
Posts: 48
Registered: ‎11-19-2016
Kudos: 56

Re: UniFi USG local DNS not resolving local hostname correctly

You probably should. Supposedly there is Beta firmware that will allow the resolution to work.
It's been in beta for close to 4 months. The issue has actually been present in the firmware for over 9 months.
It's probably going to be several more months before the firmware is moved to GA and you can easily upgrade to it.

It's funny that it took less than a month to introduce the problem, but close to a year to fix it.

I've tossed my USG in the garbage in favor of a pfSense firewall that properly handles resolution.
Ubiquiti Employee
Posts: 5,167
Registered: ‎08-08-2016
Kudos: 5648
Solutions: 355

Re: UniFi USG local DNS not resolving local hostname correctly

There aren't any outstanding problems here with 5.5.x controller versions and any semi-recent firmware version. This has all worked properly in stable versions for several months. @MiFu you have versions all around that will work fine. 

 

One key thing is you need to have a default domain configured. Settings, Networks, edit LAN (and any additional networks) and set something in the Domain Name field. Without that, clients won't do DNS lookups for local hostnames. 

 

Second key part is you need to be using USG for your DHCP server. The  DHCP client-provided client-hostname is what's registered as its hostname in DNS. 

 

Third, clients have to be pointed to USG as their DNS server in order to resolve those names. 

 

That's all there is to it. 

Established Member
Posts: 1,647
Registered: ‎11-12-2015
Kudos: 456
Solutions: 47

Re: UniFi USG local DNS not resolving local hostname correctly

@UBNT-cmb, if a domain name must be configured for this to work then is the resolution of "unifi" a special case? It seems to be treated as a fqdn that has only a tld.
Emerging Member
Posts: 48
Registered: ‎11-19-2016
Kudos: 56

Re: UniFi USG local DNS not resolving local hostname correctly


@UBNT-cmb wrote:

There aren't any outstanding problems here with 5.5.x controller versions and any semi-recent firmware version. This has all worked properly in stable versions for several months. @MiFu you have versions all around that will work fine. 

 

One key thing is you need to have a default domain configured. Settings, Networks, edit LAN (and any additional networks) and set something in the Domain Name field. Without that, clients won't do DNS lookups for local hostnames. 

 

Second key part is you need to be using USG for your DHCP server. The  DHCP client-provided client-hostname is what's registered as its hostname in DNS. 

 

Third, clients have to be pointed to USG as their DNS server in order to resolve those names. 

 

That's all there is to it. 


Well, since this was posted the 5.5.x code for the CloudKey Controller was apparently released (I frequently upgrade, this hasn't been GA for months).  I'll upgrade and repeat my previous testing to see if it is working and will report back.

Emerging Member
Posts: 48
Registered: ‎11-19-2016
Kudos: 56

Re: UniFi USG local DNS not resolving local hostname correctly

@UBNT-cmb wrote:

There aren't any outstanding problems here with 5.5.x controller versions and any semi-recent firmware version. This has all worked properly in stable versions for several months. @MiFu you have versions all around that will work fine. 

 

One key thing is you need to have a default domain configured. Settings, Networks, edit LAN (and any additional networks) and set something in the Domain Name field. Without that, clients won't do DNS lookups for local hostnames. 

 

Second key part is you need to be using USG for your DHCP server. The  DHCP client-provided client-hostname is what's registered as its hostname in DNS. 

 

Third, clients have to be pointed to USG as their DNS server in order to resolve those names. 

 

That's all there is to it. 


Well @UBNT-cmb I just upgraded my CloudKey Controller to 5.5.  Under Settings > Networks, edit LAN I do not see a "Domain Name" field to fill out...  Am I missing something?

 

[Attached screenshots: Screen Shot 2017-08-14 at 8.55.40 PM.png, Screen Shot 2017-08-14 at 8.54.44 PM.png]

Emerging Member
Posts: 97
Registered: ‎02-04-2016
Kudos: 13
Solutions: 3

Re: UniFi USG local DNS not resolving local hostname correctly

It should be between Gateway/Subnet and IGMP Snooping.

 

Try a different browser.

 

What browser are you using ?

UniFi Security Gateway 3P
2 x UniFi Switch 24 POE-250W
UniFi AP-LR, UniFi AP-AC-LR
Ubiquiti Cloud Key
Ubiquiti Edgerouter X SFP
Ubiquiti Employee
Posts: 5,167
Registered: ‎08-08-2016
Kudos: 5648
Solutions: 355

Re: UniFi USG local DNS not resolving local hostname correctly

Looks like what'd happen with stale browser cache, force reload the page and the new fields should appear. 

Regular Member
Posts: 567
Registered: ‎12-15-2016
Kudos: 58
Solutions: 15

Re: UniFi USG local DNS not resolving local hostname correctly

I didn't realise different browsers would show different things, so I was curious to see if I had the domain name box mentioned.....I'm using OSX with Safari and it DOES have the box mentioned.

[Attached screenshot: Screen Shot 2017-08-15 at 18.07.55.png]

Ubiquiti Employee
Posts: 5,167
Registered: ‎08-08-2016
Kudos: 5648
Solutions: 355

Re: UniFi USG local DNS not resolving local hostname correctly


@phk46 wrote:
@UBNT-cmb, if a domain name must be configured for this to work then is the resolution of "unifi" a special case? It seems to be treated as a fqdn that has only a tld.

The domain name requirement is a client OS thing. Windows, OS X, and modern Linux desktop-focused distros will only do LLMNR lookups for non-qualified hostnames if they do not have a default domain assigned. UAP, USW and USG don't care either way, they'll all do DNS lookups on non-qualified hostnames. As will BSDs, and most server-focused and embedded Linux distros in a default config. 

Ubiquiti Employee
Posts: 5,167
Registered: ‎08-08-2016
Kudos: 5648
Solutions: 355

Re: UniFi USG local DNS not resolving local hostname correctly


@malcky wrote:

I didn't realise different browsers would show different things, so I was curious to see if I had the domain name box mentioned.....I'm using OSX with Safari and it DOES have the box mentioned.

 


They won't. That's javascript-driven, which browsers have a habit of hanging onto at times. Force refresh or clear your cache and it'll re-fetch the js and show the fields. 

Emerging Member
Posts: 48
Registered: ‎11-19-2016
Kudos: 56

Re: UniFi USG local DNS not resolving local hostname correctly

Following an upgrade to my USG (after upgrading the CloudKey) I was able to see the Domain name field...

 

Sorry for the delay in my response...
I wanted to get home and do some extensive documentation and testing...

 

Here is the network:

  • UniFi Security Gateway 3P (USG) (4.3.49.5001150) plugged into AT&T U-verse VDSL modem
  • Outside IP: 192.168.1.65
  • Inside IP: 172.31.1.1
  • USG inside port plugged into UniFi Switch 16 POE-150W (3.8.6.6650)
  • Controller, UniFi CloudKey (5.5.20 (Build: atag_5.5.20_9565)), plugged into Switch 16 POE-150W
  • UniFi AP-AC-Pro (3.8.6.6650) also plugged into Switch 16 POE-150W
  • Test system, Mac Book Pro on Wireless network (via UniFi AP-AC-Pro)

/etc/resolv.conf on Macintosh:
nameserver 172.31.1.1

 

Same nameserver is listed under Network Preferences, Advanced, DNS (the only server)

 

MacBook-Pro:~ pickerin$ nslookup harmony-hub
Server: 172.31.1.1
Address: 172.31.1.1#53

Non-authoritative answer:
Name: harmony-hub.pickering.net
Address: 104.239.207.44
Name: harmony-hub.pickering.net
Address: 198.105.254.130

 

These addresses are AT&T's dnserrorassist.att.net default search page whenever an unknown DNS query is sent to the AT&T DNS server, which implies the USG is forwarding the request to the public DNS server that it has been configured with via DHCP.  The USG is configured for this host as follows:

 

[Attached screenshots: Screen Shot 2017-08-15 at 10.00.18 PM.png, Screen Shot 2017-08-15 at 10.00.36 PM.png, Screen Shot 2017-08-15 at 9.56.55 PM.png]


So, the alias I have defined, which is how the host shows up in the Clients screen, is totally ignored for DNS in favor of the "Hostname" that the client originally identified itself as...no matter what.

 

You know, unless that client identifies itself with illegal DNS characters, like spaces, and then they're changed, like with my Living Room Fan:

 

MacBook-Pro:~ pickerin$ nslookup LivingRoomFan.localdomain
Server: 172.31.1.1
Address: 172.31.1.1#53

Name: LivingRoomFan.localdomain
Address: 172.16.1.168

 

[Attached screenshot: Screen Shot 2017-08-15 at 10.19.52 PM.png]

So, DNS is still broken (in my opinion), at a minimum it's not usable for production use within a network:

 

  • Ignores alias configurations in favor of whatever the client identifies itself as for a hostname
  • Ignores static IP assignments
  • Doesn't adhere to its own rules of always leveraging the Hostname within DNS. So, in some cases, it's impossible to actually determine what name a host is registered as in DNS (without logging into the USG over SSH and looking at the local /etc/hosts file)

I'm not sure why these issues cannot be resolved easily, but this thread has existed for almost a year and the only improvements we've seen are to not register illegal names in DNS (but not reveal those changes in any way that can be used) and the addition of a local domain name. Neither of which actually makes it any more usable for standard networks.

 

-Rob
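
A check for the failure shown in the post above, where a lookup for a local name comes back with public addresses because the query was forwarded upstream. This is an added example, not part of the original post; the function names are hypothetical, and the two transcripts fed to it are the nslookup outputs quoted in that post.

```shell
#!/bin/sh
# Added example. Reads nslookup output on stdin and decides whether a name that
# should be local was answered from inside the LAN or by an upstream resolver.

# classify_answers: print "private ADDR" or "public ADDR" for each IPv4 answer.
# The resolver's own "Address: x.x.x.x#53" line precedes any Name: line and is skipped.
classify_answers() {
    awk '
        /^Name:/ { in_answer = 1; next }
        in_answer && /^Address:/ {
            in_answer = 0
            if (split($2, o, ".") != 4) next             # IPv4 answers only
            private = (o[1] == 10) || (o[1] == 127) ||
                      (o[1] == 172 && o[2] >= 16 && o[2] <= 31) ||
                      (o[1] == 192 && o[2] == 168) ||
                      (o[1] == 169 && o[2] == 254)
            kind = private ? "private" : "public"
            print kind, $2
        }
    '
}

# verdict: "no-answer", "forwarded-upstream" (any public answer) or "local".
verdict() {
    answers=$(classify_answers)
    case "$answers" in
        "")       echo "no-answer" ;;
        *public*) echo "forwarded-upstream" ;;
        *)        echo "local" ;;
    esac
}

# Transcript 1 from the post: harmony-hub answered with two public addresses.
verdict <<'EOF'
Server: 172.31.1.1
Address: 172.31.1.1#53

Non-authoritative answer:
Name: harmony-hub.pickering.net
Address: 104.239.207.44
Name: harmony-hub.pickering.net
Address: 198.105.254.130
EOF

# Transcript 2 from the post: LivingRoomFan answered from the USG's own records.
verdict <<'EOF'
Server: 172.31.1.1
Address: 172.31.1.1#53

Name: LivingRoomFan.localdomain
Address: 172.16.1.168
EOF
```

A "forwarded-upstream" result for an internal name means the name left the LAN and clients may connect to whatever address the upstream resolver returned.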

Senior Member
Posts: 3,032
Registered: ‎04-26-2016
Kudos: 1159
Solutions: 312

Re: UniFi USG local DNS not resolving local hostname correctly

The Alias defined in the controller is NOT used for DNS. It is only meant as a description for a device, not to define its DNS name. Always has been that way, so it is not a bug.

If this were used as the DNS name, it would cause trouble on my network, because the aliases I use are not suitable as network names.

 

There has been a feature request to change this, or to add a hostname field to assign a hostname.

 

 

 

Emerging Member
Posts: 48
Registered: ‎11-19-2016
Kudos: 56

Re: UniFi USG local DNS not resolving local hostname correctly

Whether or not the alias is used within DNS (it's not currently), for me isn't the issue.

 

The issue for me is that the DNS implementation in the USG is half-baked.  It provides no mechanism for supporting DNS features beyond dynamic-host resolution via DHCP and that's the crux of the problem.

 

Hosts rarely identify themselves with names that people will be able to remember and use for resolution (the whole reason that DNS exists in the first place).  What is needed are two additional capabilities and at this point I do not see these happening on the USG, which is why I've abandoned it for DHCP, DNS, and therefore Firewalling (in favor of a pfSense server, which supports all of these):

  • Ability to change the client-identified Hostname that is used for resolution (doesn't have to be the alias, sounds like it shouldn't based on historical usage of that field, but allow for the editing of the Hostname field and subsequent disabling of future dynamic client updates of the hostname for that IP/MAC)
  • Ability to add static DNS entries for hosts that are manually assigned an IP address

These two features would make the USG DNS usable on networks that contain:

  • Mis-identifying hosts providing inaccurate or improper names for DNS resolution
  • Statically assigned (not reserved) host resolution for hosts that do not participate in DHCP

The DNS resolution on the USG is tightly coupled with DHCP, which is what causes the issues mentioned above. This is actually the only DNS implementation I've run across that is so tightly coupled, I'm sure it has to do with the implementation; but I need a fully operational DNS server for my internal network and the USG isn't it.

 

-Rob

Senior Member
Posts: 3,032
Registered: ‎04-26-2016
Kudos: 1159
Solutions: 312

Re: UniFi USG local DNS not resolving local hostname correctly

I do agree, I only wanted to point out that you misinterpreted the function of the Alias field.