cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Ortiz <>
Subject RE: Using different DNS for guests than Virtual Router
Date Tue, 23 Apr 2013 15:51:10 GMT
Hello Ahmad,
      That was my initial attempt.  The issue I ran into was that the dnsmasq settings on
the Virtual Router seem to block the traffic that was required for the machine to join the
domain.  I played around with the settings a little bit and was able to get it to find the
domain, so I would imagine that I could tweak it some more to not be an issue.  However, any
changes I make on the virtual router only last until it is restarted, so without a way to
make those permanent I have to circumvent it entirely.  The blog post that Murali linked for
how to set up a network without DHCP and DNS seems like it was probably the correct way to
do it, but as far as I can tell would require me to start my zone from scratch, so I am trying
to avoid that if possible.
Thanks,       David Ortiz

> CC:
> From:
> Subject: Re: Using different DNS for guests than Virtual Router
> Date: Tue, 23 Apr 2013 08:49:06 -0700
> To:
> Coming from someone that has no clue about active directory... If your using a basic
zone, why don't you have the AD server deployed outside of cloudstack s control. Then point
have your dns entries point to it. Have the default security group for guests open to the
ports AD works on.
> Ahmad
> On Apr 22, 2013, at 1:42 PM, David Ortiz <> wrote:
> > Hello,
> >    I am trying to setup a Windows AD server as a guest on my cloudstack cluster,
and join my other guests to the domain it is serving using PowerBroker Identity Services Open.
 From what I am seeing, the virtual router will block me from being able to perform nslookup
or join the domain using the domainjoin-cli command.  If I modify /etc/resolv.conf to point
directly at my DC as the dns server, it can join the domain without any issues.  Unfortunately
when I reboot, the dhcp setup with the virtual router will point it back to the virtual router
as the name server.  I also found that I could get nslookup (but not joining the domain) to
work by playing with the dnsmasq.conf settings on the virtual router a little bit, which works
until it is rebooted at which point they revert back to what they had been originally.  Is
there a way to get the virtual router to point guests at the domain controller as the DNS,
or to set up the dnsmasq to allow the AD joins to occur (and make those settings persistent)?
 Or alternatively, would I be able to set up DHCP on the DC and just circumvent the virtual
router entirely?
> > Thanks,
> >     David Ortiz                         
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message