nethesis / dev

Nethesis issue tracker
http://www.nethesis.it

Flashstart Pro Plus local zone redirect issue #6225

Closed francio87 closed 5 months ago

francio87 commented 7 months ago

Adding a custom IP DNS Forwarder for a specific zone in Flashstart Pro Plus won't redirect the query to the specific DNS server; instead it just responds with the IP address. This can cause issues, for example when you try to join a client machine to a domain controller.

Steps to reproduce

config

Expected behavior

DNS query for the specific zone will be redirected to the custom DNS Server

Actual behavior

All queries for the domain will be answered with the IP address

The dnsmasq instances use the address directive:

[root@firewall ~]# grep add /etc/dnsmasq-*.conf
/etc/dnsmasq-0.conf:address=/exxxxx.local/192.168.1.3
/etc/dnsmasq-1.conf:address=/exxxxx.local/192.168.1.3
/etc/dnsmasq-2.conf:address=/exxxxx.local/192.168.1.3
/etc/dnsmasq-3.conf:address=/exxxxx.local/192.168.1.3
/etc/dnsmasq-4.conf:address=/exxxxx.local/192.168.1.3

Possible Workaround

Change the option from address to server in the dnsmasq instances' configuration (i.e.):

[root@firewall ~]# diff -u /etc/e-smith/templates/dnsmasq-instance/97Zones /etc/e-smith/templates-custom/dnsmasq-instance/97Zones 
--- /etc/e-smith/templates/dnsmasq-instance/97Zones    2023-04-21 09:29:48.000000000 +0200
+++ /etc/e-smith/templates-custom/dnsmasq-instance/97Zones    2023-12-18 10:33:21.342267257 +0100
@@ -10,9 +10,9 @@
     $OUT .= "# Add zone\n";
     my @list_zone = FlashStartHybrid::ServiceDNS::return_zone_list();
     foreach my $elem (@list_zone) {     
-        $OUT .= "address=/$elem->{zone}/$elem->{ip_array}[0]\n";
+        $OUT .= "server=/$elem->{zone}/$elem->{ip_array}[0]\n";
         if (length $elem->{ip_array}[1]) { 
-            $OUT .= "address=/$elem->{zone}/$elem->{ip_array}[1]\n";
+            $OUT .= "server=/$elem->{zone}/$elem->{ip_array}[1]\n";
         }
     }
     $OUT .= "\n";
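Review bot: the first server= line is written from $elem->{ip_array}[0] with no check, while the second is gated on "length $elem->{ip_array}[1]". If the first entry is ever empty the template now emits server=/zone/ with no upstream, which dnsmasq treats as a local-only domain and never forwards, so the same length test should guard the first line too. If ip_array can hold more than two entries, a loop over the array would be cleaner than the two hard-coded indices.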

This results in the following configuration:

[root@firewall ~]# grep 192.168.1.3 /etc/dnsmasq-*
/etc/dnsmasq-0.conf:server=/exxxxx.local/192.168.1.3
/etc/dnsmasq-1.conf:server=/exxxxx.local/192.168.1.3
/etc/dnsmasq-2.conf:server=/exxxxx.local/192.168.1.3
/etc/dnsmasq-3.conf:server=/exxxxx.local/192.168.1.3
/etc/dnsmasq-4.conf:server=/exxxxx.local/192.168.1.3

Components

nethserver-flashstart-hybrid-1.0.0-1.ns7.noarch

francio87 commented 5 months ago

Issue resolved. It's worth mentioning that the update event did not trigger the expansion of the configuration files (i.e. dnsmasq-X.cfg) and the restart of the instances; I had to issue a signal-event nethserver-flashstart-hybrid-save
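A check that can be run after an update to confirm that every instance file was regenerated with server= for the zone, since address= answers every name in the domain with the fixed IP while server= forwards the query. This is an added example, not part of the issue or of nethserver-flashstart-hybrid; the function names, the zone example.local and the address 192.0.2.53 are constructed.

```shell
#!/bin/sh
# Added example: audit dnsmasq instance files for how one zone is handled.
# classify_zone FILE ZONE prints: forward | pinned | mixed | missing
classify_zone() {
    awk -v zone="$2" '
        { sub(/[ \t]*#.*/, "") }                  # ignore trailing comments
        /^(server|address)=\// {
            n = split($0, part, "/")              # directive=/dom1/[dom2/]target
            for (i = 2; i < n; i++)
                if (tolower(part[i]) == tolower(zone)) {
                    if (part[1] == "server=") fwd++; else pin++
                }
        }
        END {
            if (fwd && pin) print "mixed"
            else if (fwd)   print "forward"       # queries go to the upstream
            else if (pin)   print "pinned"        # every name answers with the IP
            else            print "missing"
        }' "$1"
}

# audit_zone DIR ZONE returns 0 only if every DIR/dnsmasq-*.conf forwards ZONE
audit_zone() {
    dir=$1 zone=$2 bad=0 seen=0
    for f in "$dir"/dnsmasq-*.conf; do
        [ -f "$f" ] || continue
        seen=1
        state=$(classify_zone "$f" "$zone")
        printf '%s: %s\n' "$f" "$state"
        [ "$state" = forward ] || bad=1
    done
    [ "$seen" -eq 1 ] && [ "$bad" -eq 0 ]
}

# Constructed sample: instance 0 was not re-expanded, instance 1 was.
demo=$(mktemp -d)
printf 'address=/example.local/192.0.2.53\n' > "$demo/dnsmasq-0.conf"
printf 'server=/example.local/192.0.2.53\n'  > "$demo/dnsmasq-1.conf"
audit_zone "$demo" example.local || echo "example.local is not forwarded everywhere"
```

On the firewall the call would be audit_zone /etc "the zone name", matching the /etc/dnsmasq-*.conf paths shown in the grep output above.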

nethbot commented 5 months ago

in 7.9.2009/nethesis-updates: