We’re mixing two things here, and it’s normal since I mentioned them earlier.
The internal DNS resolution with NS appears not to be working. This is my biggest issue since, if that portion worked properly, I wouldn’t have to rely on GoDaddy to access my internal servers, a.k.a. hairpin DNS, like Andy said.
Therefore, I disabled the external DNS config to concentrate on the NS DNS only. The results from above = internal DNS resolution issues.
My main issue = any DNS entries I add to NS are unresolvable via nslookup, and this regardless of whether:
I use their direct IP address in the DNS entry
I use the reverse proxy address in the DNS entry and point the reverse proxy to the real IP/port
I really think the issue is with NS’s DNS.
Your thoughts?
…and guys… thank you for the brainstorm. It’s really appreciated.
If the domain does not exist, it may be; I’ve never tried.
Removing an A record will not remove a domain’s “ANY” record…
Get the domains right and try again…
I think you are misunderstanding how clients use DNS servers: if you get a reply from the first DNS server IP, the second one will never get a request.
Maybe you can try to concatenate them in this way:
First DNS server for your LAN (AD, 192.168.2.9): this one resolves internal device names and forwards queries to 192.168.2.1 (pfSense). This second one resolves names for your exposed services and (if you use the resolver service, not the forwarding one) all external domains.
In the above example, the request for science.ibiopro.com goes to 192.168.2.9 (NS DNS) but it’s not finding anything in its DNS zone. That is my problem now. I’m not trying to resolve the external A record anymore. I’m focusing on the internal DNS problem.
NS DNS = 192.168.2.9
Adding an A record to DNS 192.168.2.9 → science.ibiopro.com
Running nslookup against this DNS to resolve that exact A record, from a domain-joined machine using DNS 192.168.2.9 OR by manually selecting DNS 192.168.2.9 in my nslookup command, results in this A record not being resolved.
I can ping the A record’s IP without any issue = 192.168.2.54…
I can even access the web page on port 80 or 443 of the A record’s IP, 192.168.2.54.
How is it that DNS 192.168.2.9 (the NS DNS) can’t resolve its own manually added A record?
Should I attempt to reinstall NS to see if this is a bug within this install?
This is where I’m blocked now…
NB: Guys… in case we don’t talk during the holidays… I wish everyone good and safe holidays.
Just need a bit more info, as it still seems to be a misconfiguration.
First: what do you have on the first page of the Cockpit dashboard for your hostname and DNS?
For example, this is mine:
Hostname/Alias = orion.ksatdesign.com.au
DNS = 10.1.1.1, 1.1.1.1 # the first points to my firewall (OPNsense), the second to Cloudflare public DNS
Second: check that your system time on the dashboard is the current date and not something in 1970.
Third: check that your /etc/hosts file contains the internal IP: cat /etc/hosts
Fourth: check that your network configuration in the dashboard is set correctly.
For example, you have one green interface that is set with the internal IP of your NethServer and the gateway of your pfSense.
And lastly, check in the DNS section (not the first Cockpit page, that’s resolvers) that you have a record that points your server to the EXTERNAL IP, not the internal (as the server knows its own internal IP automatically and does not need it set, but does need the external IP), and has the wildcard option ticked.
Also make sure you reference your pfSense in here with its internal IP, and your network (FQDN without the server, i.e. domain.com) with your external IP, but don’t set wildcard; and add your DC container pointing to its IP.
PS: if you’re doing any tests from your Windows machine, make sure the Windows DNS server is set to NethServer, not the pfSense.
After everything is working, set up Unbound DNS on pfSense to mirror the DNS config from NethServer (manually type the records as they appear in NethServer); set DHCP to use pfSense for DNS 1 and NethServer for DNS 2, the gateway being pfSense.
Now on GoDaddy, make sure your records there point to your external IP, not your internal.
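Two points in this thread fit together: the earlier reply's observation that a stub resolver stops at the first server that answers (an NXDOMAIN counts as an answer, so DNS 2 is only ever asked when DNS 1 times out), and the suggestion just above to hand out pfSense as DNS 1 and NethServer as DNS 2 only after the NethServer records have been mirrored into Unbound. The following added example (not code from the thread, NethServer or pfSense) is a small model of that layout showing why the mirroring step is required in that order, and why the alternative of putting the AD/NethServer resolver first with a forward to pfSense works without it. Server names, addresses (192.168.2.9, 192.168.2.1, 192.168.2.54) and the records are assumptions taken from the thread; the public record for www.example.net is constructed.

```python
"""Toy model of the two-resolver layout discussed in the thread.

Added example, not from the original posts. Names, addresses and records are
assumptions taken from the thread; what is demonstrated is the lookup order.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

NXDOMAIN = "NXDOMAIN"


@dataclass
class Server:
    """A resolver with a local zone and an optional upstream forwarder."""
    name: str
    zone: dict = field(default_factory=dict)        # qname -> IP answered locally
    forwarder: Optional["Server"] = None            # upstream for everything else
    up: bool = True                                  # False = no reply (timeout)
    seen: list = field(default_factory=list)         # queries that reached this server

    def resolve(self, qname: str) -> Optional[str]:
        if not self.up:
            return None                              # the client sees a timeout
        self.seen.append(qname)
        if qname in self.zone:
            return self.zone[qname]
        if self.forwarder is not None:
            return self.forwarder.resolve(qname)
        return NXDOMAIN


def client_lookup(servers: List[Server], qname: str) -> Optional[str]:
    """Stub-resolver behaviour the thread describes: the first server that replies
    at all, NXDOMAIN included, ends the lookup; DNS 2 is asked only on a timeout."""
    for srv in servers:
        answer = srv.resolve(qname)
        if answer is not None:
            return answer
    return None                                      # every server timed out


def build_lab(mirror_internal_records: bool) -> Tuple[Server, Server]:
    """pfSense (Unbound in resolver mode) -> public DNS; NethServer -> pfSense."""
    public = Server("public DNS", {"www.example.net": "93.184.216.34"})  # constructed
    pfsense = Server("pfSense 192.168.2.1", {}, forwarder=public)
    nethserver = Server("NethServer 192.168.2.9",
                        {"dc.ibiopro.com": "192.168.2.9",
                         "science.ibiopro.com": "192.168.2.54"},
                        forwarder=pfsense)
    if mirror_internal_records:
        pfsense.zone.update(nethserver.zone)         # the manual copy step suggested above
    return pfsense, nethserver


def lookup(order: str, qname: str, mirror_internal_records: bool = False):
    """order = 'pfsense-first' (DHCP: pfSense DNS 1, NethServer DNS 2) or
    'nethserver-first' (AD resolver first, forwarding to pfSense).
    Returns (answer, names of the LAN servers that actually saw the query)."""
    pfsense, nethserver = build_lab(mirror_internal_records)
    servers = [pfsense, nethserver] if order == "pfsense-first" else [nethserver, pfsense]
    answer = client_lookup(servers, qname)
    asked = [s.name for s in (pfsense, nethserver) if s.seen]
    return answer, asked


if __name__ == "__main__":
    for order in ("pfsense-first", "nethserver-first"):
        for mirror in (False, True):
            print(order, "mirror" if mirror else "no mirror",
                  lookup(order, "dc.ibiopro.com", mirror))
```

With pfSense first and no mirrored records, the internal name gets an NXDOMAIN from the public resolver behind pfSense and NethServer is never consulted, which is exactly the "second server never gets a request" case; with the records copied into Unbound the same client order works, and with NethServer first the internal names are answered locally while everything else is forwarded through pfSense.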