Tuesday, March 30, 2021

Changing DNS away from WinServer, running Bind9 on Ubuntu, Search Domain not working. DHCP Option 119?

Hey all. Thanks in advance for any troubleshooting tips you might have.

I'm running a network with a Unifi gateway router that's doing DHCP. We are trying to get away from a Windows Domain environment, but we have a DC running the DNS. We have a lot of Linux in our environment, many different client distros based on whatever the users feel like using. I've set up an Ubuntu Server running Bind9 for DNS and I'm having quite a few issues with it, primarily Search Domain related but there's other problems I'll have to tackle later.

Let's say I'm on an Ubuntu desktop (20.10) and my DHCP from the Unifi gateway (10.1.1.1) is pointing to the Windows DC at 10.1.1.5. If I do a ping to another server, let's call it Goku, it knows to translate "goku" to "goku.corp.capsule.com". If I point the DHCP to my new DNS server running Bind9 on Ubuntu, it fails to translate that. It does resolve if I ping "goku.corp.capsule.com", but not the shortened name.

Nothing is domain joined to the AD, so it shouldn't be getting info that way, but it functions more efficiently as a DNS by being able to translate the shortened name by putting on the "corp.capsule.com" suffix.

I've tried multiple different things; some work but aren't efficient, others just don't. In all of the zone files I have on my Bind9 I put "$ORIGIN corp.capsule.com." with the trailing period since I think Bind9 needs it. I COULD edit my /etc/resolv.conf and put in either "search corp.capsule.com" or "domain corp.capsule.com", but that's a terrible option because you don't want to try and get 100 individual users to edit their resolv file or append a DNS suffix to their network adapter settings. And YES, I have put the domain string in the Network section in the Unifi controller. There's a nice field there for it and everything, but it doesn't actually work for me (at least not on my Ubuntu machine).

I've tried setting DHCP Option 119 but I'm having trouble with it. The Unifi controller isn't accepting "corp.capsule.com"; I translated it to hex and it took it, but it's not actually working. I've googled a ton of guides on how to configure it. Some of them suggest preceding numbers to indicate the length of the characters, like "4(corp hex)7(capsule hex)3(com hex)00", but it rejected this outright with "Invalid Payload", and I also tried "4corp7capsule3com". It accepted this but it doesn't actually work for the search domain. I clearly don't know what I'm doing on this one, just trying things to figure out how it works, but I'm coming up with nothing.

How can I configure my network to assume my domain suffix for short name lookup? More specifically for Linux clients; the main option in the Unifi Networks section probably works for Windows just fine.
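The Domain Search option (DHCP option 119) has a fixed wire format: RFC 3397 reuses the DNS name encoding of RFC 1035, so each label is a single raw length byte (0x04, not the ASCII digit "4") followed by the label's characters, each name is terminated by a 0x00 byte, and several names are simply concatenated. The following is an added example, not code from this post or from Ubiquiti or ISC. It encodes a list of search domains into that payload and prints the hex, and decodes a payload back to names, including the RFC 1035 compression pointers (0xC0 0xNN) that a DHCP server is permitted to use. How any particular controller wants the hex typed into its form is outside the script; it only produces and checks the bytes.

```python
"""Encode and decode the DHCP Domain Search option (option 119, RFC 3397).

Wire format (same as a DNS name, RFC 1035 section 3.1):
    <len byte><label bytes> ... <len byte><label bytes> 0x00
A length byte with the top two bits set (0xC0..0xFF) is a compression
pointer to an earlier offset in the option payload.
"""
from __future__ import annotations

MAX_LABEL = 63    # RFC 1035: a label is at most 63 octets
MAX_NAME = 255    # RFC 1035: a whole name is at most 255 octets


def encode_domain_search(domains: list[str]) -> bytes:
    """Return the option 119 payload for the given search domains (uncompressed)."""
    out = bytearray()
    for domain in domains:
        name = domain.strip().rstrip(".")   # trailing dot is implied by the 0x00 terminator
        if not name:
            raise ValueError("empty domain name")
        encoded = bytearray()
        for label in name.split("."):
            raw = label.encode("ascii")     # option 119 carries ASCII labels
            if not 1 <= len(raw) <= MAX_LABEL:
                raise ValueError(f"label {label!r} must be 1..{MAX_LABEL} bytes")
            encoded.append(len(raw))        # raw length byte, e.g. 0x04 for 'corp'
            encoded += raw
        encoded.append(0)                   # end of this name
        if len(encoded) > MAX_NAME:
            raise ValueError(f"name {name!r} exceeds {MAX_NAME} bytes")
        out += encoded
    return bytes(out)


def decode_domain_search(payload: bytes) -> list[str]:
    """Parse an option 119 payload back into domain names, following compression pointers."""
    names: list[str] = []
    pos = 0
    while pos < len(payload):
        labels: list[str] = []
        cursor, jumped, hops = pos, False, 0
        while True:
            if cursor >= len(payload):
                raise ValueError("truncated name")
            length = payload[cursor]
            if length == 0:                 # terminator
                cursor += 1
                break
            if length & 0xC0 == 0xC0:       # compression pointer
                if cursor + 1 >= len(payload):
                    raise ValueError("truncated pointer")
                target = ((length & 0x3F) << 8) | payload[cursor + 1]
                if target >= cursor:        # pointers must reference earlier data
                    raise ValueError("forward pointer")
                if not jumped:              # the next name starts right after the pointer
                    pos, jumped = cursor + 2, True
                cursor, hops = target, hops + 1
                if hops > 64:
                    raise ValueError("pointer loop")
                continue
            if length > MAX_LABEL or cursor + 1 + length > len(payload):
                raise ValueError("bad label length")
            labels.append(payload[cursor + 1:cursor + 1 + length].decode("ascii"))
            cursor += 1 + length
        if not jumped:
            pos = cursor
        names.append(".".join(labels))
    return names


def is_valid_domain_search(payload: bytes) -> bool:
    """True if the payload parses as a well-formed option 119 value."""
    try:
        return bool(decode_domain_search(payload))
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample: the search domain from the post.
    payload = encode_domain_search(["corp.capsule.com"])
    print(payload.hex())          # 04636f72700763617073756c6503636f6d00
    print(payload.hex(" "))       # same bytes, space separated
    print(decode_domain_search(payload))
    # Typing the lengths as ASCII digits produces bytes that do not parse:
    print(is_valid_domain_search(b"4corp7capsule3com"))   # False
```

The decoder deliberately refuses forward pointers and caps the number of hops, since a malformed option from an untrusted DHCP server should fail closed rather than loop or read past the buffer. The digit-based string from the post fails validation because the byte "4" is 0x34, which claims a 52-byte label that the payload does not contain.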


