Author Topic: [SOLVED] Remove 127.0.0.1 from resolv.conf ??  (Read 22627 times)

christian

  • Guest
Re: Remove 127.0.0.1 from resolv.conf
« Reply #15 on: September 20, 2012, 09:29:31 am »
hmmmm, are you using transparent proxy  >:( >:( >:(

and this also means, if transparent proxy is used, that if Win server is defined as DNS for clients, Win server can't resolve external names
« Last Edit: September 20, 2012, 09:31:08 am by christian »

codedmind

  • Zen Monk
  • **
  • Posts: 54
  • Karma: +2/-0
    • View Profile
Re: Remove 127.0.0.1 from resolv.conf
« Reply #16 on: September 20, 2012, 09:33:21 am »
Yes i want zentyal with transparent proxy..

codedmind

  • Zen Monk
  • **
  • Posts: 54
  • Karma: +2/-0
    • View Profile
Re: Remove 127.0.0.1 from resolv.conf
« Reply #17 on: September 20, 2012, 09:41:23 am »
What i pretend is have zentyal as gateway and as transparent proxy.

To have that i need have dns server running, but i can't configure it correctly because i have a domain too :/

In the moment i active dns server (because http proxy transparent) the 127.0.0.1 go to resolv.conf and i can't resolv intranet computers name
« Last Edit: September 20, 2012, 09:44:38 am by codedmind »

christian

  • Guest
Re: Remove 127.0.0.1 from resolv.conf
« Reply #18 on: September 20, 2012, 09:45:16 am »
 ;D ;D  I should not always focus on this but can't refrain myself: transparent proxy has a lot of side effects. One is what you just discovered: when transparent proxy is used, then name resolution is handled by client, not by proxy  :P

This said, you can still use transparent proxy (you may have plenty of other good reasons to do this), just ensure that Win 2003 server (that is supposed to be defined as DNS for DHCP clients) is able to resolve external names (as I explained in previous post  8) )

codedmind

  • Zen Monk
  • **
  • Posts: 54
  • Karma: +2/-0
    • View Profile
Re: Remove 127.0.0.1 from resolv.conf
« Reply #19 on: September 20, 2012, 09:51:42 am »
Sorry but i'm lost it somewhere :/

i don't mind to have zentyal has dhcp and dns server, but zentyal must reconigze intranet computers.

I only keep win 03 server as dhcp server and dns server because i can't configure zentyal to work and the computers inside network see each others.

I assume the big issue is to configure dns server because domain and etc. The zentyal docs in this part ins't very clear, or i can't understand it, because i must keep the domain in win 03 server
« Last Edit: September 20, 2012, 09:53:19 am by codedmind »

christian

  • Guest
Re: Remove 127.0.0.1 from resolv.conf
« Reply #20 on: September 20, 2012, 10:21:34 am »
I'm lost too  :-[  do you mean to say that you keep Win 2003 server because Zentyal doesn't work as expected ?
If yes, then let me explain something:

- if, for your network zone, you maintain entries in Windows server DNS and if you define Zentyal as DNS server for this same zone without maintaining entries in Zentyal, then do not be surprised that it doesn't work 5meaning Zentyal will not resolve names for this zone he is suppose to maintain).

- if you want Zentyal to also resolve names for DHCP clients, Zentyal has to be DHCP server.

- except for DHCP client, Zentyal, as DNS, will never "recognize" intranet computers. You do have to maintain it manually.

Once all of this is done, then, trust me, Zentyal can act as efficient DHCP and DNS server. And if used with transparent proxy, then half_life's point is meaningful: activate forwarding feature at Zentyal DNS level

codedmind

  • Zen Monk
  • **
  • Posts: 54
  • Karma: +2/-0
    • View Profile
Re: Remove 127.0.0.1 from resolv.conf
« Reply #21 on: September 20, 2012, 10:29:14 am »
I do everything that.

I active dns server dhcp server in zentyal and http proxy. Disable dhcp and dns in win 03 server.
But then none intranet computers can find local computers

I can't ping from server01 to server02 for instance, only can ping from server01 to 192.168.1.3 (server02)

christian

  • Guest
Re: Remove 127.0.0.1 from resolv.conf
« Reply #22 on: September 20, 2012, 10:38:57 am »
did you define server01 and server02 as hosts in DNS configuration ? (hostnames tab)
If not, then it doesn't work, obviously  ::)

codedmind

  • Zen Monk
  • **
  • Posts: 54
  • Karma: +2/-0
    • View Profile
Re: Remove 127.0.0.1 from resolv.conf
« Reply #23 on: September 20, 2012, 10:44:14 am »
But i must define manually every computer in the lan?

If zentyal is dhcp server he shouldn't know?

christian

  • Guest
Re: Remove 127.0.0.1 from resolv.conf
« Reply #24 on: September 20, 2012, 10:50:10 am »
see my post above  ::)

- Yes you have to define every server that is NOT DHCP client.
- For DHCP clients, be sure you have enabled and configure the "dynamic DNS" section otherwise it doesn't work  ;)

ctek

  • Zen Warrior
  • ***
  • Posts: 197
  • Karma: +6/-1
    • View Profile
Re: Remove 127.0.0.1 from resolv.conf
« Reply #25 on: September 20, 2012, 12:04:32 pm »
@Codemind.
Let's set the things straight for a second. Here is what i  would recommend you.
Since Christian is trying his best to guess your setup and your intentions you will have some steps to clarify so we can help you

Do you need the W2K3 server in your lan ?

if NO then let's do all the steps from the top with zentyal
 0 Start a fresh install of zentyal and a test machine
 1 configure as DHCP and Domain controller
 2 add your NON-DHCP machine in the dns section of zentyal
 3 join your computers to zentyal
 4 see if your computers access the internet (without proxy enable)
 5  If your domain is ok and your test machine is getting outside then use transparent proxy.

If YES you DO require the W2K3 server as (DNS and DHCP) machine
1 configure zentyal as gateway
2 add the non DHCP clients (like the W2K3 server) to dns of the zentyal and configure hosts
3 set-up the W2k3 to be your DNS DHCP server and set the gateway to be zentyal machine and his dns
4 check that your clients are getting the correct config from dhcp server and are joined in the domain.
5 test if you can get out in internet from your clients.
6 configure Zentyal with proxy settings.

I hope i'm clear with what i say and not mistaking.
Please if there are any other opinions make the appropriate modifications.

Thanks and best regards
Bogdan


codedmind

  • Zen Monk
  • **
  • Posts: 54
  • Karma: +2/-0
    • View Profile
Re: Remove 127.0.0.1 from resolv.conf
« Reply #26 on: September 20, 2012, 12:12:50 pm »
Hy ctek

I now do what Christian say.

But because now every company is working i must wait to apply the changes en zentyal at lunch time.

I do almost everything you said in second part.

win03srv is need because is the domain controller.
I put zentyal as gateway, dhcp server, dns server (adding manually all static hosts), and http proxy (transparent mode)
DHCP server will deliver the folling options to clients:
 gateway: zentyal ip
dns 1: local zentyal dns
dns 2 : 8.8.8.8
wins: custom (192.168.1.2) ip from win03srv

Then i enable dynamic domain too

After i test it i will came with status.

Thanks to all.




Javier Amor Garcia

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1225
  • Karma: +12/-0
    • View Profile
Re: Remove 127.0.0.1 from resolv.conf
« Reply #27 on: September 20, 2012, 12:55:05 pm »
Hello,

in the new version Zentyal uses kerberos and kerberos needs dns to find its resources. Since the resources are stored in the local user domains we need that the system uses our dns server.

codedmind

  • Zen Monk
  • **
  • Posts: 54
  • Karma: +2/-0
    • View Profile
Re: Remove 127.0.0.1 from resolv.conf
« Reply #28 on: September 20, 2012, 01:31:15 pm »
If i use zentyal as primary dns server dhcpclient don't have internet connection :/

I change dhcpserver to put the follow dns
8.8.8.8
8.8.8.4
wins 192.168.1.2

And i think for now is working

PS: at least for windows 7 machine...
« Last Edit: September 20, 2012, 01:34:26 pm by codedmind »

christian

  • Guest
Re: Remove 127.0.0.1 from resolv.conf
« Reply #29 on: September 20, 2012, 02:13:17 pm »
Thank you for the notification.

- Are we here running Zentyal 2.2 or 3.0 ?
- When will Zentyal publish doc describing this (I didn't check this morning but this was not available yesterday)
- Why not, if not already done, dedicated local DNS server providing service to Kerberos like you do with LDAP for Samba?