samba - Apr 2018 - DNS backend SAMBA_INTERNAL name resolution through VPN

Hi,

My problem is about DNS names resolution in case there are two DNS servers
separated by a VPN and one DNS domain name.

Context: two Samba AD DC on each side of the VPN, one forest, one domain,
one site, two subnets.
Note that this target configuration is not yet operational since I'm trying
to make the DSN names resolution work first through the VPN.
The DNS servers are Samba internal DNS servers.
During the provision, SAMBA_INTERNAL was chosen.

+---------------------------+
| SUBNET: 192.168.1.0/24
+---------------------------+
| SAMBA AD DC DNS server 1
+---------------------------+
| DOMAIN: company.elmts
+---------------------------+
| hostname_1_1
| hostname_1_2
| ...
| hostname_1_N1
+---------------------------+
|
|
|
VPN
|
|
|
+--------------------------+
| SUBNET: 192.168.2.0/24
+--------------------------+
| SAMBA AD DC DNS server 2
+--------------------------+
| DOMAIN: company.elmts
+--------------------------+
| hostname_2_1
| hostname_2_2
| ...
| hostname_2_N2
+--------------------------+

Sedentary machines: have their hostname registered either on SAMBA AD DC DNS
server 1 or (exclusive) SAMBA AD DC DNS server 2.

Nomad machines: have their hostname registered on both SAMBA AD DC DNS
servers.

--------------------------------------------------------------------
On SAMBA AD DC DNS server 1: 
----------------------------
FQDN: hostname_1_1.company.elmts. / IP: 192.168.1.11 / SEDENTARY
FQDN: hostname_1_2.company.elmts. / IP: 192.168.1.12 / SEDENTARY
...
FQDN: nomad_a.company.elmts.      / IP: 192.168.1.53 / NOMAD
FQDN: nomad_b.company.elmts.      / IP: 192.168.1.54 / NOMAD
...
--------------------------------------------------------------------
On SAMBA AD DC DNS server 2:
----------------------------
FQDN: hostname_2_1.company.elmts. / IP: 192.168.2.21 / SEDENTARY
FQDN: hostname_2_2.company.elmts. / IP: 192.168.2.22 / SEDENTARY
...
FQDN: nomad_a.company.elmts.      / IP: 192.168.2.65 / NOMAD
FQDN: nomad_b.company.elmts.      / IP: 192.168.2.66 / NOMAD
...
--------------------------------------------------------------------

How can I make this work?

For now, if I ping hostname_2_1 from hostname_1_1, the name hostname_2_1 is
not resolved.

Thank you.




--
Sent from: http://samba.2283325.n4.nabble.com/Samba-General-f2403709.html

with different network ranges the VPN is routed and other then brided
VPN this has general limitations

https://openvpn.net/index.php/open-source/faq/75-general/309-what-is-the-difference-between-bridging-and-routing.html

Am 13.04.2018 um 12:27 schrieb Lea Massiot via samba:
> My problem is about DNS names resolution in case there are two DNS servers
> separated by a VPN and one DNS domain name.
> 
> Context: two Samba AD DC on each side of the VPN, one forest, one domain,
> one site, two subnets.
> Note that this target configuration is not yet operational since I'm
trying
> to make the DSN names resolution work first through the VPN.
> The DNS servers are Samba internal DNS servers.
> During the provision, SAMBA_INTERNAL was chosen.
> 
> +---------------------------+
> | SUBNET: 192.168.1.0/24
> +---------------------------+
> | SAMBA AD DC DNS server 1
> +---------------------------+
> | DOMAIN: company.elmts
> +---------------------------+
> | hostname_1_1
> | hostname_1_2
> | ...
> | hostname_1_N1
> +---------------------------+
> |
> |
> VPN
> |
> |
> +--------------------------+
> | SUBNET: 192.168.2.0/24
> +--------------------------+
> | SAMBA AD DC DNS server 2
> +--------------------------+
> | DOMAIN: company.elmts
> +--------------------------+
> | hostname_2_1
> | hostname_2_2
> | ...
> | hostname_2_N2
> +--------------------------+