Feature Request: Additional DNS Options

[majorsl]

I'm interested in having OPNsense take over my DNS duties as it seems to do everything I need for my relatively simple LAN.

I need one host to have an MX record, but I can't seem to find an option to add it. Maybe a simple checkbox "[x] Add an MX Record for this host" could be done at some point?

Alternately, I love LOVE how you devs did the "Additional BOOTP/DHCP Options" section on the current release (yay, I can finally have option 252) - something like this for advanced DNS would be pretty sweet.

[fichtner]

Are you talking forwarder or resolver?

Forwarder (dnsmasq) has advanced options for the command line, see --mx-host in http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

Resolver (unbound) has advanced options for the config file, see MX in https://forum.teksyndicate.com/t/need-some-help-with-unbound-dns/68740 et al.

We didn't change DHCP options there... Not sure what you mean. :)

[majorsl]

Oh, okay, so in Resolver I could just directly add:

local data: "example.com. IN MX 10 mail.example.com."

Sorry, I'm accustomed to hand editing BIND. It appears the TTL is globally set in unbound, yes?

Oh, I was complimenting you all on how well the Additional DHCP options are organized. I was looking for something similar to that for DNS which is why I overlooked the raw text entry box, but that works.

[fichtner]

Yes, it's cache-min-ttl. No worries. :)

Maybe something could be added to the host overrides. It's interesting that it has never been there in the first place.

[8191]

Does not completely fit in here, but what about moving the (very?) uncommonly used feature "Listen Port" from the GUI to the advanced options? I cannot imagine any use-case, where someone would like to configure unbound to a different port than 53...

[fichtner]

Agreed, PR welcome. :)

[8191]

@fichtner Regarding the host override: Currently there is a unique key on the host value of each domain override. So it is not possible to add e.g. host1.domain1 and host1.domain2, because both host override entries use the name host portion of the host override.

If we are now thinking of extending the host override feature by oder RRs than A and AAAA, we should maybe think about this restriction: does it make sense?

I personally cannot see a reason why I should not be able to override the same host portion in two different domains with two different IPs.

The regarding code resists in src/etc/inc/unbound.inc:520.

I just saw that the host part is optional. Any clue what was the pfSense's idea behind the host/domain separation then?

[fichtner]

thanks for this @8191 :)

[sjjh]

Forwarder (dnsmasq) has advanced options for the command line, see --mx-host in http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

@fichtner I cannot find an option in the OPNsense GUI to specify any command line option for a host override in dnsmasq (OPNsense 23.1). Am I overlooking something, or what is the preferred way to add an MX entry (call dnsmasq via ssh with command line option, editing dnsmasq config file via ssh, ...)?
Sorry for the naive question!