I am running OPNSense on my home router and have configured OpenVPN on the device, allowing me to connect to my home network from anywhere in the world.
I am also running a BIND DNS server on my home hetwork, with a dedicated zone for all the systems on that network. So far, all RRs are static and maintained by hand.
I would now like to resolve my client VPN addresses through my internal DNS (the clients in question run a Debian-based Linux distro). As I understand it, I have two options:
- configure OpenVPN to assign a static address to each VPN client, and add a static RR to my internal DNS
- configure my DNS server to accept RR updates from clients, and configure OpenVPN (on either the client or server side) to update the RR upon establishing a connection
The constraint is that OpenVPN is running on the OPNsense box, which limits my ability to install some cutting-edge extension server-side (I have to work with whatever is available officially from the OPNsense repo).
For option 2, there is an article on the OpenVPN wiki, but it refers to a feature under development that is 8 years old at the time of this writing, and appears to require some extra server-side packages which might not be available for my use case.
Any tried-and-true recipes to get my internal DNS to resolve my clients’ addresses, given the constraints I mentioned?
