DNS not the same between Web GUI and SSH setup

dbeiner · 26 November 2019 11:01

Hi folks !

I use IPFire for years now and first, I would like to say a big Thank You to all the people is working around this beautiful product !

Now, I’ve an issue with DNS IP adresses. They are not the same between the Web GUI and the SSH setup menu, as you can see with attached images.

Did you know what’s the problem ? How can I fix this ?

Thank you so much for your answers !

David

jon · 26 November 2019 18:04

I think it can be set here also:
menu Network > Assign DNS server
https://ipfire:444/cgi-bin/dns.cgi

ms · 26 November 2019 21:31

What do you find configured in /var/ipfire/ethernet/settings?

dbeiner · 27 November 2019 08:22

Hello @jon !

I’ve changed my DNS using the URL and now :

the welcome page show “local recursor” about my DNS
the DNSSEC information show wrong DNS entries (I’ve not set up 1.1.1.1) :

DNSSEC968×143 6.75 KB

dbeiner · 27 November 2019 08:25

Hello @ms !

I get this :

DNS1=8.8.8.8
DNS2=1.1.1.1

It’s strange because isn’t the DNS I’ve set into the menu recommanded by @jon…

Can I edit this file manually ?

Thank you !

gremlin · 27 November 2019 10:21

Hi,

the setup of the DNS servers via the above mentioned GUI page is only for those cases where the red interface IP is assigned via DHCP. If your red interface IP is static - like mine - you need to set the DNS servers via SSH setup menu.

Cheers

Gremlin

ms · 27 November 2019 13:08

Yes you can.

But you should not use OpenDNS. They do not support DNSSEC.

hjkl · 15 March 2020 15:33

Can somebody help me to correctly setup the DNS (what to use - GUI or setup app in ssh) for the following cases:

PPP -> I need to use my DNS servers and not the ones from ISP. My DNS servers are denying requests toward a bunch of dangerous domains (and no, these are not OpenDNS server I use)
DHCP - both options: use the ones provided by DHCP (my DHCP will send IPfire the DNS servers that will deny requests toward malicious domains) or manually add my own DNS servers.
Static IP setup -> I need to use my DNS servers and not the ones from ISP. My DNS servers are denying requests toward a bunch of dangerous domains (and no, these are not OpenDNS server I use)

Case: I have a test machine where I test the new Core before deploying it in prod. And because is a test machine, it is used in all possible positions: with PPP (main router), with red0 = DHCP client (behind another IPFire), or with Static IP on red0 …

And …with core 141, the setup app (launched in ssh) does not contain anymore (??) the part where I setup the DNS… Or I need new glasses -> just checked this today, perhaps I did not saw the option?

Thanks!
H&M

arne_f · 15 March 2020 15:58

With core141 all different dns options are replaced by one page in the web gui.
Webgui → Network → Domain Name System