Thursday, November 30, 2017

Help with DNS synchronized on both ends of an IPSec tunnel

This is for my homelab, but as it's pretty far beyond the scope of most homelab operations, I figured I could gain more traction here.

Local site: Fortigate 90D-POE as DNS server in Recursive Mode with a DNS Database type Master and view Shadow.

  • I don't know what these terms mean, but I followed a Fortinet cookbook and it has been working very well.

Remote site: Juniper SRX210HE2 operating as router/firewall/gateway/dhcp server for an ESXi 6.5 server and its VMs.

Since I have an IPSec tunnel between the Fortigate and SRX, I know I can just make the SRX use the Fortigate for DNS, but I don't want all DNS queries to have to go through the tunnel - it's just extra latency. Plus the IPsec tunnel has issues now and then, and I don't want the remote site to be without DNS when the tunnel is down.

Is there a solution that allows me to have a small linux VM on my remote ESXi server that operates as DNS for the remote site? And can it "pull in" the entries from my Fortigate DNS server so that all hostnames in both sites resolve properly at both sites?

I'm not looking to gain a thorough, deep understanding of the RFC associated with DNS. I just want something that works so I can move on to other things. I use the same domain name at both sites and would like some sort of "synchronize the DNS servers with each other" option.
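One way to do the "pull in" part, added here as an example and not something from the original post: run BIND 9 on the remote-site Linux VM as a secondary for the shared zone, so it transfers the zone from the Fortigate over the tunnel and keeps answering from its last good copy if the tunnel drops, while ordinary recursion for everything else goes straight out of the remote site. It assumes a zone named example.home, a Fortigate tunnel-side address of 10.0.1.1, a VM address of 10.0.2.53 on a 10.0.2.0/24 remote LAN (all placeholders), and that the Fortigate's DNS database entry has been configured to allow zone transfers to the VM.

```conf
// /etc/bind/named.conf.local on the remote-site VM (added example; all addresses and the zone name are placeholders)
options {
    directory "/var/cache/bind";
    listen-on { 10.0.2.53; };           // VM address at the remote site
    allow-query { 10.0.2.0/24; };       // answer only the remote-site LAN
    recursion yes;                      // public names are resolved directly from here, not via the tunnel
    allow-recursion { 10.0.2.0/24; };
};

// Secondary copy of the shared zone, transferred (AXFR/IXFR) from the Fortigate master.
// BIND keeps serving the stored copy until the zone's SOA expire timer runs out,
// so a tunnel outage does not immediately take remote-site name resolution down.
zone "example.home" {
    type slave;                         // spelled "type secondary;" in BIND 9.16 and later
    file "db.example.home.slave";       // stored copy, relative to the directory above
    masters { 10.0.1.1; };              // Fortigate tunnel-side address; "primaries" in BIND 9.16 and later
    allow-transfer { none; };           // nobody needs to pull the zone from this VM
};
```

`named-checkconf` validates the file and `rndc retransfer example.home` forces the first pull, which shows up in the BIND log. Note that this is one-way: the Fortigate stays the only place where records are edited, so remote-site hostnames must be added to its DNS database for them to resolve at both sites.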
