DNS problem when NS is used a domain controller

iampellegrino · December 28, 2021, 10:53pm

Hostname / Alias = master.ibiopro.com
DNS [8.8.8.8]

All good and synced via NTP america/toronto…

cat etc/hotst: ip showing up = 192.168.2.10 (green network IP) and host = master.ibiopro.com

Exactly my config:

I would rather avoid using an external IP if possible. My DNS entries only include one test server being science.ibiopro .com at addr: 192.168.2.54.

Using this config. None of my machines can resolve science.ibiopro. com…

iampellegrino · December 28, 2021, 10:58pm

Yet, something interesting happened, when I nslookup science.ibiopro.c o m using the green network IP address (192.168.2.10) instead of the AD DNS server (192.168.2.9), it locates the DNS entry w/o any issue! Progress…

It seems like NS is mixed up on the DNS interface… it appears to be using .10 instead of .9 which is associated to Active directory.

Any known ways to fix this?

Thanks and happy holidays to everyone.

Shane_Treweek · December 28, 2021, 11:10pm

That’s expected behavior the DNS on nethserver is on nethserver ie in your case 192.168.2.10 and ad is a container with a virtual ip your case 192.168.2.9 so 192.168.2.10 ( master.ibiopro.com) is your DNS that has a DNS reference that points example ad.master.ibiopro.com to 192.168.2.9

iampellegrino · December 28, 2021, 11:28pm

Ok… By elimination, it seems that AD DNS (.9) does not talk/share with the main green IP (.10) of NS?

Any idea how to fix this?

Shane_Treweek · December 28, 2021, 11:48pm

ok so i for it to work correctly just check the following is set
that you have the alias for ad set in your dashboard as I’m assuming master.ibiopro.com is the hostname of your nethserver

second your dns on nethserver is setup correctly
you dont add a record for ad as it’s auto configured but if you have dns set on your pfsens you ad a an A record there pointing your ad.server to 192.168.2.9

for clarification is your domain science.ibiopro.com or will that be your website (or were you will host it) if the latter your domain would be ibiopro.com so in my example above you would change ksatdesign.com.au to ibiopro.com and orion.ksatdesign.com.au to master.ibiopro.com the bottom domain you would change to your pfsense

if it’s the former ie domain = science.ibiopro.com and nethserver= master.ibiopro.com that wouldn’t be best practices as it should go domain.tld host.domain.tld and you would need to change your nethserver to master.science.ibiopro.com

Shane_Treweek · December 29, 2021, 12:03am

Just for clarification it does “talk” but thats handled internally on nethserver it’s the outside resolution that is the problem in this case

iampellegrino · January 2, 2022, 2:57am

I was missing the alias on the hostname. Thanks. The rest is as recommended.

Still can’t resolve.

Shane_Treweek · January 2, 2022, 6:39am

Is anything local able to be resolved as something is blocking the DNS request