cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Ortiz <>
Subject RE: Using different DNS for guests than Virtual Router
Date Wed, 24 Apr 2013 13:13:01 GMT
       I actually did not realize I could set it to ignore dhcp settings for dns from the
client side.  I was trying to figure out how to get the VR to issue the dns settings I was
interested in the guests having.
Thanks for that information,       David

Subject: Re: Using different DNS for guests than Virtual Router
Date: Wed, 24 Apr 2013 04:31:20 +0000

On 23-Apr-2013, at 2:12 AM, David Ortiz <> wrote:


   I am trying to setup a Windows AD server as a guest on my cloudstack cluster, and join
my other guests to the domain it is serving using PowerBroker Identity Services Open.  From
what I am seeing, the virtual router will block me from being able to perform
 nslookup or join the domain using the domainjoin-cli command.

David, I don't fully understand how the VR can block you from doing nslookups. While the VR
does provide DNS services and I have not seen it prevent DHCP clients from using other DNS
services (like if a client is configured to use something else.

 If I modify /etc/resolv.conf to point directly at my DC as the dns server, it can join the
domain without any issues.  Unfortunately when I reboot, the dhcp setup with the virtual router
will point it back to the virtual router as the
 name server.

Yes, that's expected behaviour from DHCP clients. They will default to DHCP server supplied
DNS information.

This default behaviour can be modified depending on your client OS. On Linux distros using
"dhclient", look at dhclient.conf(5) man page for "supersede". 

       The supersede statement

        supersede [ option declaration ] ;

       If for some option the client should always  use  a  locally-configured

       value  or  values rather than whatever is supplied by the server, these

       values can be defined in the supersede statement.

I also found that I could get nslookup (but not joining the domain) to work by playing with
the dnsmasq.conf settings on the virtual router a little bit, which works until it is rebooted
at which point they revert back to what they had
 been originally.  Is there a way to get the virtual router to point guests at the domain
controller as the DNS, or to set up the dnsmasq to allow the AD joins to occur (and make those
settings persistent)?  Or alternatively, would I be able to set up DHCP
 on the DC and just circumvent the virtual router entirely?

The dhclient supersede option would fix the problem for you cleanly. The DHCP client will
default to AD for DNS lookups and the join would succeed.



Shanker Balan

Managing Consultant

M: +91 98860 60539 | | Twitter:@shapeblue

ShapeBlue India, 22nd floor, Unit 2201, World Trade Centre, Bangalore - 560 055

This email and any attachments to it may be confidential and are intended solely for the use
of the individual to whom it is addressed. Any views or opinions expressed are solely those
of the author and do not necessarily represent those of Shape Blue Ltd or
 related companies. If you are not the intended recipient of this email, you must neither
take any action based upon its contents, nor copy or show it to anyone. Please contact the
sender if you believe you have received this email in error. Shape Blue Ltd
 is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated
under license from Shape Blue Ltd. ShapeBlue is a registered trademark. 		 	   		  
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message