www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices

Zeroshell experience

Witchdoctor



Joined: 05 Oct 2014
Posts: 6

Posted: Mon Oct 06, 2014 12:40 am    Post subject: Zeroshell experience

Hi all;

I discovered Zeroshell late last week and I ran a couple tests at work on an old computer and figured it would work for me. Thought I would document my experience for you.

I had available to me a 3-year-old Dell computer with 8 gigs of RAM, onboard Broadcom gigabit Ethernet and a 160 gig HD. Also I had a D-Link PCI gigabit Ethernet card and a D-Link PCI wireless N card. I threw all of these components together, got a laptop loading the webpage, and then brought the rig home with me Friday evening. I had to rewire my network on Saturday afternoon so I took advantage of that time to install the new router.

It took me a fair bit of time to just get access to the webpage because the DHCP server is not active by default.

Saturday afternoon it took me a bit of time to get my computer to bring up the web interface. Once I was connected I had to call my cable company to get them to reset my modem. I am entitled to 2 routable IP addresses and a Linksys router that my girlfriend is connected to had one address and my old router had the other address. Once the cable company did their thing my Zeroshell box got an IP just fine. However, my computer could not access the internet at this point. I eventually figured out that I had to get the network adapters doing NAT and so I played with that a bit and once I set all adapters to do NAT then my computer was on the internet.

I am running a Windows domain behind my Zeroshell router so I then turned off DHCP on the router and plugged my domain controller back into the network. Did an ipconfig /release /renew on my workstation and everything was working fine. The domain controller is handing out IPs and doing primary DNS while the router is the secondary DNS. The domain controller is complaining about the router not resolving certain AD information which hopefully I can sort out.

This morning I configured the wireless card in the router and bridged it with the Eth00 and now my tablet can connect to my domain. A wireless monitor on my phone tells me I'm getting a 292 Mbit connection. And it's quite strong even 2 floors up from the router.

Despite there being no documentation I'm quite impressed with Zeroshell so far. I think it will do everything I need it to do. There really needs to be a getting started guide to get new users up and running. This router is only good for the network geeks.

WD
gordonf



Joined: 26 Feb 2012
Posts: 86

Posted: Mon Oct 06, 2014 12:56 pm    Post subject: ZS as an Active Directory DNS server?

Witchdoctor wrote:
The domain controller is complaining about the router not resolving certain AD information which hopefully I can sort out.

Does the ZS DNS server accept dynamic DNS entries and is it zone-transferring from the domain controller properly? Active Directory changes some things fairly constantly; it's why an AD DNS zone has such short TTL values compared to most internet DNS zones.

There are also two DNS zones in a default AD domain; there's the domain itself (say, example.com) and a protected subdomain (_msdcs.example.com) that contains GUIDs and such for the DCs. That's sensitive information to AD. The DC running the DNS service treats these as separate zones. If you want ZS to mirror AD DNS completely you need to permit zone transfers for both zones. You could be foolhardy and merge the two into the same zone (Windows 2000 did this originally) but I think MS made this change so AD admins could publish their zones to the internet without exposing this sensitive information.

You'd also have to somehow permit the DC's DNS service to accept changes to DNS written to the ZS DNS server. I think. It's almost like permitting bi-directional zone transfers, which I don't think works in non-AD DNS but works in AD DNS because the zones are stored in AD instead of in zone files.

It's been a long time since I tried hosting AD DNS on anything but a domain controller. The rules changed a lot over that time.
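The two-zone layout described in the reply above, as an added example that is not part of the thread or of Zeroshell: it sorts the well-known DC locator SRV names into the zone that owns them and reports which ones a secondary cannot answer. The domain example.com, a single-domain forest, and the secondary's record list are assumptions constructed for illustration.

```python
# Added example: which AD DC-locator names live in which zone, and which
# ones a secondary misses when only one of the two zones was transferred.
DOMAIN = "example.com"  # placeholder domain, as used in the reply

def ad_locator_names(domain):
    """Well-known SRV names domain members query to find a DC."""
    msdcs = f"_msdcs.{domain}"
    return [
        f"_ldap._tcp.{domain}",
        f"_kerberos._tcp.{domain}",
        f"_kpasswd._tcp.{domain}",
        f"_gc._tcp.{domain}",          # assumes a single-domain forest
        f"_ldap._tcp.dc.{msdcs}",
        f"_kerberos._tcp.dc.{msdcs}",
        f"_ldap._tcp.pdc.{msdcs}",
        f"_ldap._tcp.gc.{msdcs}",
    ]

def owning_zone(name, zones):
    """Return the zone with the longest matching suffix, or None."""
    name = name.lower().rstrip(".")
    best = None
    for zone in zones:
        z = zone.lower().rstrip(".")
        if (name == z or name.endswith("." + z)) and (best is None or len(z) > len(best)):
            best = z
    return best

def missing_by_zone(domain, secondary_records):
    """Group locator names the secondary lacks by the zone that owns them."""
    zones = [domain, f"_msdcs.{domain}"]
    have = {r.lower().rstrip(".") for r in secondary_records}
    missing = {}
    for name in ad_locator_names(domain):
        if name not in have:
            missing.setdefault(owning_zone(name, zones), []).append(name)
    return missing

# Constructed sample: a secondary that holds example.com but never
# received _msdcs.example.com.
SECONDARY = [
    "_ldap._tcp.example.com.", "_kerberos._tcp.example.com.",
    "_kpasswd._tcp.example.com.", "_gc._tcp.example.com.",
]

if __name__ == "__main__":
    for zone, names in missing_by_zone(DOMAIN, SECONDARY).items():
        print(f"zone {zone}: {len(names)} locator names unanswered")
        for n in names:
            print("   ", n)
```

In practice the record list would come from querying the secondary for each name; an empty result for every `_msdcs` name points at the second zone not being transferred.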