Shanker,
I actually did not realize I could set it to ignore dhcp settings for
dns from the client side. I was trying to figure out how to get the VR to
issue the dns settings I was interested in the guests having.
Thanks for that information, David
From: [email protected]
To: [email protected]
Subject: Re: Using different DNS for guests than Virtual Router
Date: Wed, 24 Apr 2013 04:31:20 +0000
On 23-Apr-2013, at 2:12 AM, David Ortiz <[email protected]> wrote:
Hello,
I am trying to setup a Windows AD server as a guest on my cloudstack
cluster, and join my other guests to the domain it is serving using PowerBroker
Identity Services Open. From what I am seeing, the virtual router will block
me from being able to perform
nslookup or join the domain using the domainjoin-cli command.
David, I don't fully understand how the VR can block you from doing nslookups.
While the VR does provide DNS services and I have not seen it prevent DHCP
clients from using other DNS services (like 8.8.8.8) if a client is configured
to use something else.
If I modify /etc/resolv.conf to point directly at my DC as the dns server, it
can join the domain without any issues. Unfortunately when I reboot, the dhcp
setup with the virtual router will point it back to the virtual router as the
name server.
Yes, that's expected behaviour from DHCP clients. They will default to DHCP
server supplied DNS information.
This default behaviour can be modified depending on your client OS. On Linux
distros using "dhclient", look at dhclient.conf(5) man page for "supersede".
The supersede statement
supersede [ option declaration ] ;
If for some option the client should always use a locally-configured
value or values rather than whatever is supplied by the server, these
values can be defined in the supersede statement.
I also found that I could get nslookup (but not joining the domain) to work by
playing with the dnsmasq.conf settings on the virtual router a little bit,
which works until it is rebooted at which point they revert back to what they
had
been originally. Is there a way to get the virtual router to point guests at
the domain controller as the DNS, or to set up the dnsmasq to allow the AD
joins to occur (and make those settings persistent)? Or alternatively, would I
be able to set up DHCP
on the DC and just circumvent the virtual router entirely?
The dhclient supersede option would fix the problem for you cleanly. The DHCP
client will default to AD for DNS lookups and the join would succeed.
Hth.
--
Shanker Balan
Managing Consultant
M: +91 98860 60539
[email protected] | www.shapeblue.com | Twitter:@shapeblue
ShapeBlue India, 22nd floor, Unit 2201, World Trade Centre, Bangalore - 560 055
This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or
related companies. If you are not the intended recipient of this email, you
must neither take any action based upon its contents, nor copy or show it to
anyone. Please contact the sender if you believe you have received this email
in error. Shape Blue Ltd
is a company incorporated in England & Wales. ShapeBlue Services India LLP is
operated under license from Shape Blue Ltd. ShapeBlue is a registered
trademark.
