DNS resolver does not resolve static DHCP leases when client is using static IP addressing

[ZeDestructor]

As in title, when my desktop is using a static IP address (and subnet mask and gateway), the DNS resolver does not resolve any addresses bound through the use of static DHCP leases. When I switch the desktop back to DHCP addressing, everything resolve fine.

Dynamic DHCP leases and all other DNS queries however resolve correctly in all cases.

Based on discussions with @fichtner in IRC, he thinks it has something to do with unbound's zones.

On it's relation to other DNS resolver related name resolution bugs (and why I think this is a different issue to all of them):
#435: I had this be a symptom for a while, but later testing revealed the process not to help.
#476: All static entries (including overrides and aliases) fail to resolve. Once desktop is switched to DHCP addressing, all static entries, overrides and aliases also work fine.
#563: Likely related, but much like @AdSchellevis, I have no ACLs setup and it works fine.
#624: Desktop and OPNsense box both live on the same domain and subnet.

Other (possibly relevant information):

OPNsense 16.1 amd64 LibreSSL on ESXi 6.0U1 with vmxnet3 virtual NICs and Intel X520-DA2 NIC
Windows 10 version 1511 (10586.71) 64-bit on desktop, Intel X520-DA2 NIC

[fichtner]

Tagged this as feature, since there has been a complete sweep of the codebase. Will be available with the development version of 16.1.5 next week for testing.

[AdSchellevis]

@ZeDestructor We refactored the unbound pages, the fixes should be in the next development release. Can you test again at that point (or sooner using a github checkout)?

[ZeDestructor]

I'll have a go at it when it's out.

I can also have a go at building it (how hard can it be, right?). Just pass me the relevant hash.

[AdSchellevis]

@ZeDestructor if you checkout the master branch, you should be fine. testing is really easy, when in /root checkout core using

git clone https://github.com/opnsense/core.git

then reboot or

cd core
make mount

(and restart your services)

[fichtner]

Please be careful on a production firewall, this trick uses unionfs and can crash the box.

# mv core core_safe
# cd core
# make mount

(don't leave the repo at /root/core, it gets auto-mounted on boot and can clobber firmware upgrades)

And don't forget to unmount when done:

# make umount

[ZeDestructor]

Updated to git master master (hash 2a7a87c). Now when using static addressing on the client, the resolver will correctly resolve FQDNs for all addresses (both static and dynamic DHCP leases), but fail to resolve when given only a hostname.

[fichtner]

Does your globally configured domain name differ from the one given in the DHCP setup?

[ZeDestructor]

nope.

[AdSchellevis]

couldn't reproduce, too little time to investigate all possibilities here. it might be client related (missing search list for example).