On Thu, Jan 27, 2011 at 2:05 AM, Scott Lambert <[email protected]> wrote: > From my Mac inside the firewall. > > 00:27:51 Thu Jan 27 $ cat /etc/resolv.conf > # comments snipped > domain lambertfam.org > nameserver 192.168.41.1 > > 00:27:29 Thu Jan 27 $ dig col-br.gvh.tcworks.net > > ; <<>> DiG 9.6.0-APPLE-P2 <<>> col-br.gvh.tcworks.net > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21011 > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;col-br.gvh.tcworks.net. IN A > > ;; Query time: 6 msec > ;; SERVER: 192.168.41.1#53(192.168.41.1) > ;; WHEN: Thu Jan 27 00:27:38 2011 > ;; MSG SIZE rcvd: 40 > > > 00:27:38 Thu Jan 27 $ dig col-br.gvh.tcworks.net @216.61.218.2 > > ; <<>> DiG 9.6.0-APPLE-P2 <<>> col-br.gvh.tcworks.net @216.61.218.2 > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37632 > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 > > ;; QUESTION SECTION: > ;col-br.gvh.tcworks.net. IN A > > ;; ANSWER SECTION: > col-br.gvh.tcworks.net. 86400 IN A 10.128.1.11 > > ;; AUTHORITY SECTION: > gvh.tcworks.net. 86400 IN NS ns2.tcworks.net. > gvh.tcworks.net. 86400 IN NS ns3.tcworks.net. > gvh.tcworks.net. 86400 IN NS ns1.tcworks.net. > > ;; ADDITIONAL SECTION: > ns1.tcworks.net. 600 IN A 216.61.218.2 > ns2.tcworks.net. 600 IN A 216.61.218.3 > ns3.tcworks.net. 600 IN A 69.153.112.21 > > ;; Query time: 4 msec > ;; SERVER: 216.61.218.2#53(216.61.218.2) > ;; WHEN: Thu Jan 27 00:27:51 2011 > ;; MSG SIZE rcvd: 158 > > 2.0-BETA4 > > FreeBSD pfsense.lambertfam.org 8.1-RELEASE-p1 FreeBSD 8.1-RELEASE-p1 #0: Wed > Sep 29 14:52:58 EDT 2010 > sullrich@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 > i386 > > The firewall has been up 110 days, 15:34. > > A reboot didn't change the situation. > > I also upgraded to the Jan 26th snapshot and found the same results. > > Hostnames in the same subdomain without the hyphen work through > dnsmasq on the pfSense box. >
Has nothing to do with the hyphen, it resolves to a private IP, which is rejected by default by the DNS rebinding protection. Disable it under System>Advanced if you need that to work. More info in a thread on the same topic within the past 2-3 days. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
