
I've been running into a complex issue where I work. We're a small business and we have an Asus RT-AC66U running Tomato 1.2.8.

A little background: in our environment we have a single AD DS Domain Controller set up which is handling our Active Directory, our DNS and VPN access. We recently replaced our Server 2008 R2 DC with a Server 2012 R2 DC before we started running into issues.

Now the problem: almost everything is working fine, except that DNS will not resolve host names for devices that are not on the domain.

Some notes in that regard:

1. The DNS settings appear to be configured correctly on all of our devices. The correct DNS settings are being handed out and we can resolve hostnames for everything on the internet and on the domain.
2. If I change the DNS setting to use the Tomato Router, we can ping those devices (but this is not desired; we want the DNS Server to handle our internal DNS, as we have a lot of forward lookup zones and other custom settings there that we prefer to administer from that location).

What I'm looking to do (or at least what seems to be the appropriate solution to me): I would like the Tomato Router to forward the DNS records it has stored on it to the DNS server, if possible, for any DHCP devices it hands out an IP to (i.e. phones, tablets, guest PCs, etc.), OR have the DNS server somehow grab that data from the Router, or inform the computers that the DNS information can be found there.

Any help or suggestions would be appreciated.

PS: Just an additional small FYI. I have gone through about two dozen different "This is how you set up a DNS server" posts/blogs and they all suggest it looks good. All the basic settings are in line and triple checked. I have also talked to other people, poked around at almost anything I could try, and searched through Server Fault and other forums and am at my wits' end. Hoping it's something simple I just overlooked.

bbetnar
  • *All the basic settings are in line and triple checked.* -> share them with us so we can understand your environment. – fukawi2 May 15 '15 at 01:30
  • DC: Roles added. DNS Server configured with Forward Lookup Zones and a Reverse Lookup Zone. Network Interface configured with a static IP, with the Router as the Default Gateway and itself as the DNS server using its Private IP Address. Forwarders are presently set to the Router (although they were previously set to our Shaw DNS addresses), but either way resulted in the same setup. Recommended firewall ports are open as outlined in this Technet Article. Router: DHCP is set up, hands out addresses for 192.168.x.x w/ Subnet Mask of 255.255.0.0 and gives out the Private IP Address of the DNS Server for DNS – bbetnar May 15 '15 at 01:56
  • To be honest I don't quite understand what you want from the last paragraph, but regardless, with a DNS server of your own, you use it for all internal name queries, and forward all other requests to your ISP's DNS. I don't see why you want to forward other requests to your router instead? (or I misunderstood). Your router should just be a traffic relay. – strongline May 15 '15 at 02:24
  • Basically, I have several devices on my network that are not on the Domain, such as a RaspberryPi. These devices receive a DHCP entry from the Router. The Router then stores that IP Address on some internal DNS server. BUT it does not send that information to the Domain Controller which is doing our DNS. Thus, when you use a workstation that is on the domain and attempt to connect to the machine over a service, such as RDP, using the Host Name, it does not resolve when it checks the DNS server, because the DNS server does not have the information. Only the Router does. – bbetnar May 15 '15 at 02:37
  • The only way I see to resolve this would be for the workstation to get the DNS results from the Router, or for the Router to send the DNS information to the DNS Server at the time that it hands out a DHCP lease, instead of hoarding that information for itself. – bbetnar May 15 '15 at 02:38
  • 1. Can you move your DHCP to the DC? It doesn't have to be your router; or 2. some DHCP servers can register DNS on behalf of clients; if that's true of your router, it'd be perfect for you; or 3. even with your router being DHCP, it's still possible to manually specify client devices' DNS instead of getting it from the router – strongline May 15 '15 at 02:49
  • To answer your 3 points: 1. We have considered this, and it should indeed solve our problem, but we were hoping to avoid having to do this as it would require quite a bit of work. Additionally, the problem didn't exist when we had a Server 2008 R2 DC as mentioned above, so this option seems like it shouldn't be necessary. It's my plan B if we can't fix the problem. 2. I haven't been able to find out if our Router can do this. I can find no documentation that suggests it is possible. 3. Manual DNS entries are out of the question due to time-cost. But it is a band-aid we've been working with ATM. – bbetnar May 15 '15 at 15:43
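The mechanism strongline's second point describes (the DHCP side registering names with the DC's DNS on behalf of clients, which is also what bbetnar asks the router to do in the question), as an added example that is not part of the question or any comment: Tomato's DHCP/DNS daemon is dnsmasq, whose lease file lists one lease per line, so a small job that reads that file and emits an RFC 2136 `nsupdate` batch can push A and PTR records into the DC's zones. The zone name `corp.example`, the reverse zone `168.192.in-addr.arpa` for the 192.168.x.x /16 and the DC address `192.168.1.10` are placeholders, and the DC's zones are assumed to accept dynamic updates from the host running the script.

```python
import ipaddress
import re
import time

# Constructed sample of a dnsmasq lease file (Tomato normally keeps it at
# /var/lib/misc/dnsmasq.leases): <expiry-epoch> <mac> <ip> <hostname> <client-id>.
# The first lease has already expired and the last client sent no hostname ("*").
SAMPLE_LEASES = """\
1000000000 aa:bb:cc:00:00:01 192.168.2.20 oldprinter 01:aa:bb:cc:00:00:01
4102444800 aa:bb:cc:00:00:02 192.168.2.21 raspberrypi 01:aa:bb:cc:00:00:02
4102444800 aa:bb:cc:00:00:03 192.168.2.22 Guest-Laptop 01:aa:bb:cc:00:00:03
4102444800 aa:bb:cc:00:00:04 192.168.2.23 * 01:aa:bb:cc:00:00:04
"""

# Only a plain letters-digits-hyphen label gets published into the AD zone;
# anything a client made up that does not fit this shape is dropped.
LABEL_RE = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")

def parse_leases(text, now=None):
    """Return {hostname: ip} for unexpired leases that carry a valid DNS label."""
    now = time.time() if now is None else now
    hosts = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        expiry, ip, name = int(parts[0]), parts[2], parts[3].lower()
        if expiry <= now or not LABEL_RE.match(name):
            continue  # expired lease, or a hostname we refuse to publish
        hosts[name] = str(ipaddress.ip_address(ip))  # raises on a malformed IP
    return hosts

def nsupdate_script(hosts, zone, reverse_zone, server, ttl=300):
    """Build an nsupdate batch: one transaction for A records, one for PTRs."""
    fwd = ["server %s" % server, "zone %s" % zone]
    rev = ["server %s" % server, "zone %s" % reverse_zone]
    for name, ip in sorted(hosts.items()):
        fqdn = "%s.%s." % (name, zone)
        ptr = ipaddress.ip_address(ip).reverse_pointer + "."
        fwd += ["update delete %s A" % fqdn, "update add %s %d A %s" % (fqdn, ttl, ip)]
        rev += ["update delete %s PTR" % ptr, "update add %s %d PTR %s" % (ptr, ttl, fqdn)]
    return "\n".join(fwd + ["send"] + rev + ["send"]) + "\n"

if __name__ == "__main__":
    # Placeholder zone names and DC address; pipe the output into `nsupdate`
    # (add -g for GSS-TSIG when the zone only accepts secure dynamic updates).
    print(nsupdate_script(parse_leases(SAMPLE_LEASES), "corp.example",
                          "168.192.in-addr.arpa", "192.168.1.10"), end="")
```

Run it from cron on a box that can read the router's lease file; with the Windows zone set to "Secure only", the update has to be sent as a domain principal with `nsupdate -g`.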
