The other question I forgot to mention and realized after talking with ichat on the irc is that my router/firewall (pfsnese) is the current domain name server for the network. My zen2.0 box is the PDC for company 1 and company 2 and 3 are using a m$ workgroup. This is a multi tenant signal gateway building. The zen 2.0 box has never done anything but be the PDC for company 1 (netlogon and roaming profiles).
The pfsense if forwarding dns to the building and is the dhcp server. its doing alot of other trick stuff and is not going away. My biggest want for the zen3 box is LDAP that is working correctly, so I can authenticate the users for the freenas box instead of hand entering their crap in freenas. for some reason my zen2.0 box wont 1). connect to the zen cloud to backup, 2). accept the freenas LDAP connection, 3). upgrade correctly with the upgrade scripts. so i'm forced (happily) to upgrade to zen3.
So...
so here is my sanitized current configuration:
company.com (fqdn, web presence)
office.company.com (fqdn, dyndns to the physical building)
10.0.0.1 alpha (gateway, dhcp, dns, firewall, openvpn, traffic shaping, etc...) alpha.office.company.com will resolve correctly
10.0.0.2 echo (freepbx server whole building)
10.0.1.1 zulu (zen 2.0 box. PDC company 1)
10.0.1.254 whiskey (freenas box with zfs pool for company 1)
10.0.1.0/24 company 1 subnet
10.0.2.0/24 company 2 subnet
10.0.3.0/24 company 3 subnet
i know this will help someone else once we can detail it out.
best,
dan