Local reverse DNS lookup to ASA 5512


I’m running Pi-hole as an internal DNS server, whereas I use my ASA 5512 as the DHCP server. The issue is that the reports from Pi-hole contain only the IP addresses of all the connected devices and not the FQDN or simply the hostname. Hence I’ve enabled the conditional forward / reverse DNS lookup towards my ASA; however, all the UDP/53 requests are discarded, and I haven’t found a way to enable the lookup. What would be the correct configuration of the ASA to fetch the host names?

Any suggestions are highly appreciated.


Hello Filip

I’m not quite clear as to what you want to achieve. You want the DNS server to obtain FQDNs for the hosts from the ASA which is the DHCP server? Reverse DNS would not achieve this since no FQDNs are stored within the ASA itself. If you look at an example of DHCP bindings in an ASA you’ll see something similar to this:

NWLASA1# show dhcpd binding

IP address       Client Identifier        Lease expiration        Type
                 ff9f.6e85.2400.0200.     1808 seconds            Automatic
                 9d7c.11
                 0100.0c29.0505.5a        2840 seconds            Automatic
                 0100.0c29.0505.64        2840 seconds            Automatic
                 000c.29ed.ff47           3037 seconds            Automatic

This includes only identifiers, no hostnames.

I would suggest that the problem is independent of the ASA. It has to do with the ability of the DNS server to resolve the IP addresses to the hostnames of the internal hosts. However, to determine if the ASA is to blame, I suggest you connect a host directly to the same subnet as the Pi-hole bypassing the ASA to see if you have similar results. If it does end up that the ASA is the problem, then you can attempt to permit the appropriate ports. I suggest you take a look at this lesson for more details about that.

I hope this has been helpful!