Pihole thinktank

I am learning NethSecurity currently :stuck_out_tongue:

You’re not the only one, me too…
You may be a bit further than I am…

:slight_smile:

well code related, gui and api

but you are true, we do things to be used, so this is the heading I must not forget

1 Like

then @stephdl how does DNSMasq and Samba work on the same Node?
Now i am lost, and maybe we back to square 1

Equally, even if they are to be implemented on 2 Different Nodes, How would the Implementations with Samba on the organization be, if Pihole is to be used as well?

Am i getting lost in all these, @Andy_Wismer could you help expound on this with regards to Samba DNS and things DNS in organization wide setup, and where and how other DNS comes to the Picture(I am looking at you Firewall)

PIhole has tthe solution in it’s config…
I‘m on the road at the moment, but will detail this a bit later when back home…

1 Like

SAMBA AD is a DNS system that it could not be stopped
DNSMASQ is a DNS system that it could be stopped and alternatively is used as a DHCP server
PIHOLE is the grain of salt to break the system and I would not introduce issues in nethforge :stuck_out_tongue:

so you can not use Samba with DNSMasq

Now, ina organization, we have a firewall, which brings internet, it also has a DNS otherwise internet would not wrk, How does it connect together with Samba, and whats its repurcusions with DNSMasq.

I am brining this in a scenario of a new company, new computers, new Firewall, internet has just been installed now we are configuring all computers in the office, to authenticate Users with Samba to their computer, and they still need to have internet access.

And by extension, the ability to lock Ads is required as well.

in this scenario, we are not limiting ourselves to all these systems being in one computer, They may not even

Why am i bringing this scenario out, i think to understand how to better solve the problem at hand, we need to get to the root of the problem, and the approach we take to solve this issue

Just to clarify: To make AD DNS work correctly, a DNS conditional forwarder for the AD domain to the Samba AD DNS is needed. This is what pihole does and it’s also supported by dnsmasq.

2 Likes

if so then the proposed solution would work, would it not?

the sentiments cautioned by @Andy_Wismer are what were throwing me off.

The issue is that dnsmasq, samba and pihole want to use the same port 53 on the NS8 host.
Maybe the solution could be to have one base DNS server (dnsmasq) running on NS8 host port 53, forwarding AD domain requests to the (internal) AD DNS and the rest to pihole DNS.

Thats was My thinking as well, However it was contrained to Either DNSMasq or Pihole not Both, but if there is a way to have that workable, then it would be a welcome

Coming soon

2 Likes

All very good points raised here.

In preparing to do a test today, it got me thinking back to the ability to have the Samba AD and dnsmasq and PiHole all running on the same physical machine in NS7.

So my question is - from a technical point of view (aside from the containers and a newer operating system), what are the technical differences between NS7 and NS8 which prevents it from happening?

Considering that we got it running in NS7, I don’t yet understand why it can’t work in NS8. Think I am missing something.

with NS7 we got a private network called aqua and we got some firewall route to this network from the firewall

NS8 got a firewall but basic, maybe we could make it workable but I do not want to trade with container and firewalling.

create a second Node and install on it

1 Like

Not for now, there is not enough space in the image root.

1 Like

well what a pity, I have a device with a strong enough cpu and 240GB SSD to run containers or even application

but now we have two products, I need to finish pihole

3 Likes