Win2k3 DNS + PFsense DNS Forwarder = No internal DNS resolution
Hey folks,
Long time reader, infrequent poster here. I seem to have a dilly of a pickle and I'm thinking I may have a unique setup. I'll first explain my LAN logical layout and then address the issue I'm having.
Layout:
I'm by no means a network expert but I can stumble my way around one. Firstly I have my PFSENSE NAT/Firewall box. It provides DHCP info for the entire LAN and is set to act as DNS forwarder for external DNS requests (out to the interwebs). Secondly, I have a win2k3 server AD DC (Active Directory Domain Controller) and it acts as a DNS server for internal resolution. I have several winXP/Win2k machines that work well with this setup. I can resolve FQDN and access the internet just super.
My domain name is home.ads
My DNS server is star-scream.home.ads (192.168.1.8)
My PFsense box is 192.168.1.1
My LAN scope is 192.168.1/24 with .1 through .10 excluded
Issue:
Now here is my issue. I built a Gutsy Gibbon machine with the hopes of running a Kerberos authenticated file server (basically I want to authenticate against the AD DC to act as a file server for the domain users). Problem is, I can't resolve ANY internal DNS names, Fully Qualified or otherwise. I can access the internet just fine and resolve names such as google etc. To me this indicates the DNS forwarder is ok, and my Ubuntu network settings are given correctly. 192.168.1.8 is indicated as my DNS server, it just doesn't seem to work.
I've searched quite a bit trying to find a similar scenario, but as I mentioned before I think my setup is somewhat uncommon. If anyone has used a setup like this or may have any clue where I can start my troubleshooting, that would be a huge help.
All my issues seem to be with the Ubuntu machine. Please let me know what info I may need to post.
P.S. Oh, I checked my /etc/resolv.conf file and the nameserver is indicated correctly as 192.168.1.8. It is my understanding that this file gets overwritten with DHCP info.
You spelled out the problem yourself. 192.168.1.8 is a DNS server, but only for addresses outside of your LAN. Your FQDN queries off the Windows machines are going to the W2k3 server, which is using its info about the AD to answer the LAN queries. The Ubuntu machine is not a member of the domain at present, so it doesn't ask anything but the DNS server for the LAN FQDN addresses, and the DNS server doesn't have that info to give out. You have 2 simple solutions for this:
1) Add a package to the Ubuntu machine to either join the domain and get AD resolution through the 2k3 box, or at least to query a WINS server, which would also be the 2k3 server.
2) Set up the 2k3 box as the master for the LAN zone, and slave the zone on the 192.168.1.8 box. That way when the Ubuntu box asks the DNS server, it can properly respond with an address.
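A check that fits the /etc/resolv.conf detail in the question, as an added example that is not part of either post: it reads a resolv.conf the way the glibc stub resolver does and reports whether the internal DNS server is asked first and whether short names get the AD zone appended. The function names and the sample file contents are constructed for illustration; the addresses and zone name are the ones given in the question.

```python
MAXNS = 3  # glibc uses at most three nameserver lines, in file order

def parse_resolv_conf(text):
    """Return (nameservers, search_list, ndots) roughly as glibc reads them.
    Simplification: the hostname-derived default search list is ignored."""
    nameservers, search, ndots = [], [], 1
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue
        key, args = fields[0], fields[1:]
        if key == "nameserver" and args and len(nameservers) < MAXNS:
            nameservers.append(args[0])
        elif key in ("domain", "search") and args:
            search = args[:1] if key == "domain" else args  # last entry wins
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return nameservers, search, ndots

def candidates(name, search, ndots=1):
    """Names the resolver tries, in order, for a single lookup."""
    if name.endswith("."):
        return [name]
    suffixed = [f"{name}.{d}" for d in search]
    as_is_first = name.count(".") >= ndots
    return [name] + suffixed if as_is_first else suffixed + [name]

def diagnose(text, internal_dns, internal_zone):
    """List reasons internal names may fail with this resolv.conf."""
    ns, search, _ = parse_resolv_conf(text)
    findings = []
    if not ns:
        findings.append("no nameserver lines: resolver defaults to localhost")
    elif internal_dns not in ns:
        findings.append(f"{internal_dns} is not among the servers used: {ns}")
    elif ns[0] != internal_dns:
        # NXDOMAIN from the first server is final; later servers are only
        # tried on timeout or server failure.
        findings.append(f"{ns[0]} is asked before {internal_dns}")
    if internal_zone not in search:
        findings.append(f"short names are not expanded to {internal_zone}")
    return findings

# Constructed sample: DHCP listed the pfSense forwarder ahead of the AD DNS.
SAMPLE = "# written by dhclient\nnameserver 192.168.1.1\nnameserver 192.168.1.8\n"

if __name__ == "__main__":
    for finding in diagnose(SAMPLE, "192.168.1.8", "home.ads"):
        print("WARN:", finding)
    print(candidates("star-scream", ["home.ads"]))
```

To run it against a live machine, pass the contents of /etc/resolv.conf to `diagnose` in place of `SAMPLE`.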