Topic: Bug with Zentyal 2.2

vshaulsk

Re: Bug with Zentyal 2.2
« Reply #15 on: October 04, 2011, 04:08:40 pm »
My external interface is DHCP.... my ISP gives dynamic addresses and you have to pay extra for a static IP.

My setup is as follows:

Internet Fiber Cable--- ISP provided Router----(Zentyal External interface set as DHCP)<Zentyal box>(Zentyal internal interface set as VLAN)-----clients.

I guess I could put a cheap router before my Zentyal server......

You are also correct.... I would want the cron job to run more than once an hour.... probably if possible every 15 minutes as long as it takes no real processing power.  This way the maximum time my system won't be able to resolve a name query is only 15 minutes.

Sam Graf

Re: Bug with Zentyal 2.2
« Reply #16 on: October 04, 2011, 04:10:20 pm »
> Of course we are discussing here about DNS to be used by Zentyal server, not DNS to be set as DHCP option for clients.  :P

Of course. We are also discussing/educating the community why Zentyal should use itself as a DNS server if network clients behave as expected. :P

> When trying to implement, e.g. reverse proxy using FQDN instead of IP address in the redirect directive, resolving internal names is mandatory.

That's a piece I was missing. Thanks.

> Another reason why one would like to have Zentyal resolving internal names: say you are using Zentyal as cache proxy: all browsers will access this proxy, even for internal web servers and FQDN has to be resolved by proxy, meaning Zentyal.

So as things are, internal web servers are not being cached for network clients even in the case where the requests are going through the proxy? I do agree that if internal stuff isn't being cached, it would be better if it were.

christian

Re: Bug with Zentyal 2.2
« Reply #17 on: October 04, 2011, 04:39:43 pm »
In fact I'm not saying that internal web content must be cached. It's all a matter of network topology, content and proxy definition. This is in fact another debate.
Having "no proxy" for internal servers is very often used.

But in case one wants to use Zentyal as a non-transparent proxy for internal servers, then Zentyal MUST be able to resolve internal servers using.... quite often Zentyal DNS, meaning very often itself  :)
Look for instance at two sites linked with VPN. What if you want to access a web server running on a remote site, benefiting from a proxy in the middle to reduce bandwidth? I obviously assume you are not running a transparent proxy here because in such a case, the name is resolved by the client  ;)

I also hope that Zentyal will, in next versions, be able to distribute mail to internal mail servers, to "really" replicate with LDAP server using server name, not IP address. And this can be extended to any "non Zentyal" application one may have installed on Zentyal server itself, requiring to communicate with any other internal machine using FQDN instead of IP...

So I should stop trying to explain why it should use itself as DNS but instead reverse the question: why should Zentyal not use itself as primary DNS?

Is it weird?  ???

Sam Graf

Re: Bug with Zentyal 2.2
« Reply #18 on: October 04, 2011, 04:57:02 pm »
> But in case one wants to use Zentyal as a non-transparent proxy for internal servers, then Zentyal MUST be able to resolve internal servers using.... quite often Zentyal DNS, meaning very often itself  :)
> Look for instance at two sites linked with VPN. What if you want to access a web server running on a remote site, benefiting from a proxy in the middle to reduce bandwidth? I obviously assume you are not running a transparent proxy here because in such a case, the name is resolved by the client  ;)
>
> I also hope that Zentyal will, in next versions, be able to distribute mail to internal mail servers, to "really" replicate with LDAP server using server name, not IP address. And this can be extended to any "non Zentyal" application one may have installed on Zentyal server itself, requiring to communicate with any other internal machine using FQDN instead of IP...
>
> So I should stop trying to explain why it should use itself as DNS but instead reverse the question: why should Zentyal not use itself as primary DNS?
>
> Is it weird?  ???

I don't think it's weird. I'm trying to understand. And I'm trying to understand if the current behavior is a bug, as the topic title suggests.

We do in fact access internal web servers across our VPN. What is not clear to me is the relationship between DNS and the proxy. If I access a remote server by address, is it cached?

vshaulsk

Re: Bug with Zentyal 2.2
« Reply #19 on: October 04, 2011, 05:10:21 pm »
I don't think my title is correct anymore ..... I do not think there is a bug in Zentyal... it is just how my system is set up.  Since my external interface is DHCP it updates the resolv.conf automatically when my ISP reissues my address.  This is why it gets overwritten a couple of times a day.
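
The periodic check discussed in this thread (putting the local resolver back first after dhclient rewrites resolv.conf), as an added example that is not part of the original posts and is not the script mentioned elsewhere in the thread. The loopback address, the function names and the sample file contents are assumptions.

```shell
#!/bin/sh
# Added example: re-assert the local resolver as first nameserver.
# Assumption: the box's own DNS service answers on 127.0.0.1.
LOCAL_DNS="127.0.0.1"

# Constructed sample of a resolv.conf as rewritten after a DHCP renewal
# (documentation-range addresses, not a real ISP's servers).
sample_resolv_conf() {
    printf '%s\n' 'search example.lan' \
        'nameserver 192.0.2.53' 'nameserver 198.51.100.53'
}

# Print the address on the first "nameserver" line of FILE.
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# ensure_local_dns FILE: prints "unchanged" (no write) or "changed".
ensure_local_dns() {
    file=$1
    [ -r "$file" ] || return 1
    if [ "$(first_nameserver "$file")" = "$LOCAL_DNS" ]; then
        echo unchanged
        return 0
    fi
    # Temp file in the same directory so the final mv is an atomic rename.
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    {
        echo "nameserver $LOCAL_DNS"
        # Keep search/domain/options and the ISP servers as fallbacks;
        # drop any later duplicate of the local entry.
        awk -v ip="$LOCAL_DNS" '!($1 == "nameserver" && $2 == ip)' "$file"
    } > "$tmp" || { rm -f "$tmp"; return 1; }
    chmod 644 "$tmp"    # mktemp creates 0600; resolv.conf must be world-readable
    mv "$tmp" "$file" || { rm -f "$tmp"; return 1; }
    echo changed
}

# Run against a file when one is given, e.g. from cron: script /etc/resolv.conf
if [ "$#" -gt 0 ]; then
    ensure_local_dns "$1"
fi
```

Because the file is only rewritten when the first nameserver is wrong, a 15-minute cron run is a single read in the common case. Where dhclient.conf can be edited, its `prepend domain-name-servers 127.0.0.1;` statement gives the same ordering at lease time, with no window between a renewal and the next cron run.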

christian

Re: Bug with Zentyal 2.2
« Reply #20 on: October 04, 2011, 05:50:15 pm »
You're both correct.
This is not, to me, a bug either but the result of having external interface using DHCP, thus settings are overwritten by ISP.

vshaulsk, can't you configure your router provided by ISP as a router (meaning not as bridge) so that dynamic IP stays at router external border and then NAT to internal fixed subnet?

vshaulsk

Re: Bug with Zentyal 2.2
« Reply #21 on: October 04, 2011, 05:59:18 pm »
The router provided by the ISP is secured by the cable provider.  I as a customer do not have access to the restricted password needed in order to log into the control panel.

jjm1982

Re: Bug with Zentyal 2.2
« Reply #22 on: October 05, 2011, 08:12:30 pm »
> hum.... jjm1982's script is clever but this is "only" a workaround and can't be the target design otherwise you would have to run it very often. Once per hour might not be enough  :P
>
> I don't understand why resolv.conf is updated by ISP.... Oh, is it because external interface is DHCP based?
> And I suppose that switching to fixed IP address is not an option?
>
> I don't know if it helps but let me explain what I have at home:
> Internet --> (external public IP) <ADSL device (router)> (internal private IP) <--> (Zentyal external private IP) <Zentyal box> (Zentyal internal private IP)
>
> My ADSL router forwards to Zentyal ports I want to access from internet.
> Doing so, Zentyal external (private) address never changes  ;)

You are correct, the external interface is DHCP so my cable provider issues the IP address and switching to a static IP is not an option.

Rafael Muylaert

Re: Bug with Zentyal 2.2
« Reply #23 on: March 22, 2012, 07:32:24 pm »
Sorry to revive this topic, but I also have the same problem that resolv.conf gets overwritten by dhclient.

In my situation, I have two ISPs. For one of them I'm using a router between the modem and the Zentyal box, since I could never get PPPoE to work properly. The other connection is DHCP.

The problem is that the name servers that the second ISP gives me don't respond to queries that go out from my first ISP. That way I cannot resolve names in my internal network, since all the machines are configured to use Zentyal as DNS.

jjm1982

Re: Bug with Zentyal 2.2
« Reply #24 on: March 22, 2012, 08:24:37 pm »
> hum.... jjm1982's script is clever but this is "only" a workaround and can't be the target design otherwise you would have to run it very often. Once per hour might not be enough  :P
>
> I don't understand why resolv.conf is updated by ISP.... Oh, is it because external interface is DHCP based?

Yes

> And I suppose that switching to fixed IP address is not an option?

Yes

> I don't know if it helps but let me explain what I have at home:
> Internet --> (external public IP) <ADSL device (router)> (internal private IP) <--> (Zentyal external private IP) <Zentyal box> (Zentyal internal private IP)
>
> My ADSL router forwards to Zentyal ports I want to access from internet.
> Doing so, Zentyal external (private) address never changes  ;)

I prefer to have my Zentyal server as the router/firewall point and not have to rely on an external device; but of course that's my preference.