Return-Path: X-Original-To: apmail-cloudstack-users-archive@www.apache.org Delivered-To: apmail-cloudstack-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5178D1070C for ; Wed, 24 Apr 2013 13:13:38 +0000 (UTC) Received: (qmail 13505 invoked by uid 500); 24 Apr 2013 13:13:37 -0000 Delivered-To: apmail-cloudstack-users-archive@cloudstack.apache.org Received: (qmail 13028 invoked by uid 500); 24 Apr 2013 13:13:33 -0000 Mailing-List: contact users-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@cloudstack.apache.org Delivered-To: mailing list users@cloudstack.apache.org Received: (qmail 12961 invoked by uid 99); 24 Apr 2013 13:13:30 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Apr 2013 13:13:30 +0000 X-ASF-Spam-Status: No, hits=3.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_PASS,URI_HEX X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of dportiz@outlook.com designates 65.54.190.155 as permitted sender) Received: from [65.54.190.155] (HELO bay0-omc3-s17.bay0.hotmail.com) (65.54.190.155) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Apr 2013 13:13:24 +0000 Received: from BAY176-W30 ([65.54.190.187]) by bay0-omc3-s17.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 24 Apr 2013 06:13:01 -0700 X-EIP: [03k9wVOoNUJhxaIss/e9toSi3c2kaza4] X-Originating-Email: [dportiz@outlook.com] Message-ID: Content-Type: multipart/alternative; boundary="_55c26b15-5a18-456a-9d9d-377202ba4b1b_" From: David Ortiz To: "users@cloudstack.apache.org" Subject: RE: Using different DNS for guests than Virtual Router Date: Wed, 24 Apr 2013 09:13:01 -0400 Importance: Normal In-Reply-To: References: , MIME-Version: 1.0 X-OriginalArrivalTime: 24 Apr 2013 13:13:01.0144 (UTC) FILETIME=[726C2580:01CE40ED] X-Virus-Checked: Checked by ClamAV on apache.org --_55c26b15-5a18-456a-9d9d-377202ba4b1b_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Shanker=2C I actually did not realize I could set it to ignore dhcp settings fo= r dns from the client side. I was trying to figure out how to get the VR t= o issue the dns settings I was interested in the guests having. Thanks for that information=2C David From: shanker.balan@shapeblue.com To: users@cloudstack.apache.org Subject: Re: Using different DNS for guests than Virtual Router Date: Wed=2C 24 Apr 2013 04:31:20 +0000 =0A= =0A= =0A= =0A= =0A= On 23-Apr-2013=2C at 2:12 AM=2C David Ortiz wrote: =0A= =0A= Hello=2C =0A= I am trying to setup a Windows AD server as a guest on my cloudstack clu= ster=2C and join my other guests to the domain it is serving using PowerBro= ker Identity Services Open. From what I am seeing=2C the virtual router wi= ll block me from being able to perform=0A= nslookup or join the domain using the domainjoin-cli command.=0A= =0A= =0A= David=2C I don't fully understand how the VR can block you from doing nsloo= kups. While the VR does provide DNS services and I have not seen it prevent= DHCP clients from using other DNS services (like 8.8.8.8) if a client is c= onfigured to use something else.=0A= =0A= If I modify /etc/resolv.conf to point directly at my DC as the dns server= =2C it can join the domain without any issues. Unfortunately when I reboot= =2C the dhcp setup with the virtual router will point it back to the virtua= l router as the=0A= name server.=0A= =0A= =0A= Yes=2C that's expected behaviour from DHCP clients. They will default to DH= CP server supplied DNS information.=0A= =0A= =0A= This default behaviour can be modified depending on your client OS. On Linu= x distros using "dhclient"=2C look at dhclient.conf(5) man page for "supers= ede". =0A= =0A= =0A= The supersede statement =0A= =0A= supersede [ option declaration ] =3B =0A= =0A= If for some option the client should always use a locally-configu= red =0A= value or values rather than whatever is supplied by the server=2C = these =0A= values can be defined in the supersede statement.=0A= =0A= I also found that I could get nslookup (but not joining the domain) to work= by playing with the dnsmasq.conf settings on the virtual router a little b= it=2C which works until it is rebooted at which point they revert back to w= hat they had=0A= been originally. Is there a way to get the virtual router to point guests= at the domain controller as the DNS=2C or to set up the dnsmasq to allow t= he AD joins to occur (and make those settings persistent)? Or alternativel= y=2C would I be able to set up DHCP=0A= on the DC and just circumvent the virtual router entirely? =0A= =0A= =0A= =0A= The dhclient supersede option would fix the problem for you cleanly. The DH= CP client will default to AD for DNS lookups and the join would succeed.=0A= =0A= =0A= Hth.=0A= =0A= =0A= --=20 =0A= Shanker Balan =0A= Managing Consultant =0A= =0A= =0A= =0A= =0A= M: +91 98860 60539 =0A= =0A= =0A= shanker.balan@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue=0A= =0A= ShapeBlue India=2C 22nd floor=2C Unit 2201=2C World Trade Centre=2C Bangalo= re - 560 055=0A= =0A= =0A= This email and any attachments to it may be confidential and are intended s= olely for the use of the individual to whom it is addressed. Any views or o= pinions expressed are solely those of the author and do not necessarily rep= resent those of Shape Blue Ltd or=0A= related companies. If you are not the intended recipient of this email=2C = you must neither take any action based upon its contents=2C nor copy or sho= w it to anyone. Please contact the sender if you believe you have received = this email in error. Shape Blue Ltd=0A= is a company incorporated in England & Wales. ShapeBlue Services India LLP= is operated under license from Shape Blue Ltd. ShapeBlue is a registered t= rademark. = --_55c26b15-5a18-456a-9d9d-377202ba4b1b_--