Koozali.org: home of the SME Server

Contribs.org Forums => General Discussion => Topic started by: erroneus on March 08, 2010, 10:08:07 PM

Title: Local DNS + Relay for the same domain
Post by: erroneus on March 08, 2010, 10:08:07 PM
I did some searching but didn't see this specifically on the first couple of pages... if it's buried in there deeper, I'm sorry -- perhaps I didn't search for the right terms.

This is probably one of those "rule breaker" things that shouldn't be done for some reason or another, but here's what I want to do:

I have my SME 7.5 server running on my business network.  It is providing DHCP services but also, I would like it to provide local DNS as well as external DNS.  But there's a complication:

I work in a network that is controlled largely by a parent company.  That parent company provides normal active directory DNS services and I want to continue using those services.  (for example: server1.bigbrother.com and server2.bigbrother.com are provided by the parent company's DNS.)  But I also want to hang local servers on our network as well.  (for example: our-server3.bigbrother.com and our-server4.bigbrother.com) 

I have hacked my SME server into "resolving locally" so that I can add hosts and then I modified my dhcpd.conf to tell the dhcp clients to use the parent company's DNS servers.  When I try to specify a mixture of IP addresses for the parent company's DNS servers and my SME server's IP address, I can either resolve local names or names provided by the parent company, but not both at the same time.  Ideally, I would like name resolution to work on the client like this:

1. use hosts file
2. use DNS from SME server
3. use DNS from Parent company servers

I know that hosts always gets checked first by default and then DNS.  So I expect what needs to happen on the server side is that clients will only ask my SME server and then the SME server does the magic operations where it checks its local DNS then the remote DNS.  But I don't know how to make it do that and I don't even know what search terms to search here to make it happen.

I did some experimentation where I assigned the SME server a different domain and it will resolve that normally along with foreign domains normally.  The DNS on the SME thinks it is the authoritative DNS for the domain and so it will not relay or request DNS information from external servers before checking its own database.  I'm not sure I am describing this clearly enough so I will list my observations.

1. SME server uses the same domain name as the parent company. 
2. SME server will resolve names for that domain, but ONLY from its records and will report failure when the name doesn't appear.
3. Parent company DNS will resolve names for that domain but ONLY from its records and not from any other and will report failure when the name doesn't appear.
4. Mixing parent company DNS and local SME server DNS together in dhcpd.conf yields mixed results, but never are both servers accessed by the client... one or the other, but never both.

So how can I get two DNS services to coexist on the same domain providing the same domain?  I know it's a rule breaker.  But perhaps if SME could do an order of operations like:

1. Check local DNS database, if host doesn't exist
2. Check remote DNS database

???

Title: Re: Local DNS + Relay for the same domain
Post by: CharlieBrady on March 09, 2010, 12:07:17 AM
Quote
So how can I get two DNS services to coexist on the same domain providing the same domain?

You can, but only providing the two servers provide the same set of name => IP mappings.

Quote
I know it's a rule breaker.

You are right. It's a rule breaker. You don't want to do that.

Title: Re: Local DNS + Relay for the same domain
Post by: erroneus on March 09, 2010, 12:23:34 AM
I want/need to be able to add servers to my local network that have nothing to do with the parent company's network.  I am highly unlikely to be able to enlist the help of the parent company as they are literally on the other side of the planet and are not only slow-moving, but uncooperative on such matters in general.  We want desperately to do our own thing and they pretty much make things impossible.

If the DNS resolution worked on my server the way I describe, then it will be workable I think, as the DNS will only affect clients on my network, not anywhere else on the global corporate network.

I guess I will have to settle for another domain suffix... not what I wanted to do.

Title: Re: Local DNS + Relay for the same domain
Post by: CharlieBrady on March 09, 2010, 12:26:35 AM
Quote
I want/need to be able to add servers to my local network that have nothing to do with the parent company's network.

Then you will have to use a different domain name (a subdomain, perhaps).
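The observations in the first post (an authoritative server answers NXDOMAIN for names it does not hold, and a client never merges two servers' answers) and the subdomain advice above can be checked with a small resolver model. This is an added illustration, not SME Server or djbdns code; the zone names, hostnames and addresses are constructed, and "site.bigbrother.com" stands in for whatever subdomain the site would pick.

```python
# Added toy model of the resolution order discussed in this thread (not SME
# Server code). Every name and address below is constructed for illustration.
NXDOMAIN = "NXDOMAIN"   # authoritative "no such name": final for the client
REFUSED = "REFUSED"     # server is not responsible for this name


class AuthoritativeServer:
    """Knows only its own zone: the parent company's AD DNS, and also SME
    when it is configured as the owner of the whole company domain."""

    def __init__(self, zone, records):
        self.zone, self.records = zone, records

    def query(self, name):
        if name == self.zone or name.endswith("." + self.zone):
            return self.records.get(name, NXDOMAIN)
        return REFUSED


class ForwardingServer(AuthoritativeServer):
    """Owns a (sub)zone and forwards every other name to an upstream server."""

    def __init__(self, zone, records, upstream):
        super().__init__(zone, records)
        self.upstream = upstream

    def query(self, name):
        answer = super().query(name)
        return self.upstream.query(name) if answer == REFUSED else answer


def stub_resolve(name, hosts, servers):
    """Client order: hosts file first, then the configured DNS servers in turn.
    An NXDOMAIN ends the lookup; the client does not fall through to the next
    server, which is why mixing two servers for one domain never gives both."""
    if name in hosts:
        return hosts[name]
    for server in servers:
        answer = server.query(name)
        if answer != REFUSED:
            return None if answer == NXDOMAIN else answer
    return None


# Constructed data: parent company records versus the site's own servers.
PARENT = AuthoritativeServer("bigbrother.com", {"server1.bigbrother.com": "10.1.1.1"})
SME_SAME_DOMAIN = AuthoritativeServer("bigbrother.com", {"our-server3.bigbrother.com": "192.168.1.3"})
SME_SUBDOMAIN = ForwardingServer("site.bigbrother.com",
                                 {"our-server3.site.bigbrother.com": "192.168.1.3"}, PARENT)

if __name__ == "__main__":
    # Same domain on both servers: the first one asked gives a final NXDOMAIN.
    print(stub_resolve("server1.bigbrother.com", {}, [SME_SAME_DOMAIN, PARENT]))   # None
    # Subdomain on SME and clients pointed only at SME: both sets of names resolve.
    print(stub_resolve("server1.bigbrother.com", {}, [SME_SUBDOMAIN]))            # 10.1.1.1
    print(stub_resolve("our-server3.site.bigbrother.com", {}, [SME_SUBDOMAIN]))   # 192.168.1.3
```

Pointing clients at the subdomain-owning SME server only, as the thread concludes, keeps the parent company's zone untouched while local names still resolve for local clients.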

Title: Re: Local DNS + Relay for the same domain
Post by: erroneus on March 09, 2010, 12:28:55 AM
Quote
Then you will have to use a different domain name (a subdomain, perhaps).

Yeah, so it seems... I'll just have to learn to like it.