You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Gary Dixon <Ga...@quadris.co.uk.INVALID> on 2023/01/30 11:37:31 UTC
Override DNS IP addresses
HI everyone
CS 4.15.2
Hypervisor Ubuntu 20.04 KVM
The vast majority of our tenants in CS are windows Active directory domain based networks. This relies on the Domain Controllers being the DNS servers for the domain.
In each guest OS we statically assign IP address information and set the DNS server addresses to point to the IP address of the Domain Controllers
We see issues where the Zone defined DNS server IP addresses (8.8.8.8, 8.8.4.4) are being passed through to the guest Windows VM’s which then causes them to lose their domain trust because they cannot locate the domain controllers
Is there a way to override the global Zone DNS server IP addresses that are passed through to guest VM’s – can this be changed for each Tennant/Domain in the Cloud database ?
Best regards
Gary
Gary Dixon
Senior Technical Consultant
T: +44 161 537 4990
E: vms@quadris-support.com
W: www.quadris.co.uk
The information contained in this e-mail from Quadris may be confidential and privileged for the private use of the named recipient. The contents of this e-mail may not necessarily represent the official views of Quadris. If you have received this information in error you must not copy, distribute or take any action or reliance on its contents. Please destroy any hard copies and delete this message.
RE: Override DNS IP addresses
Posted by Gary Dixon <Ga...@quadris.co.uk.INVALID>.
Hi
Hm - I've been pondering whether cloudbase-init would be of use to us. I plan on testing it in the near future when time allows. I'll report back with my findings
Thx
Gary
2SN
Gary Dixon
Senior Technical Consultant
T: +44 161 537 4990
E: vms@quadris-support.com
W: www.quadris.co.uk
The information contained in this e-mail from Quadris may be confidential and privileged for the private use of the named recipient. The contents of this e-mail may not necessarily represent the official views of Quadris. If you have received this information in error you must not copy, distribute or take any action or reliance on its contents. Please destroy any hard copies and delete this message.
-----Original Message-----
From: Nux <nu...@li.nux.ro>
Sent: 31 January 2023 12:24
To: users@cloudstack.apache.org
Cc: Gary Dixon <Ga...@quadris.co.uk>
Subject: Re: Override DNS IP addresses
Hello,
That's an unfortunate behaviour. Wonder what the culprit is.
Did you try to use cloudbase-init in the Windows VMS? Does it make things better/worse?
REgards
On 2023-01-30 15:32, Gary Dixon wrote:
> Thx Nux - this is good news
>
> The issue doesn't happen all the time - we have seen it occasionally
> after a windows guest reboot - something seems to stop the nic from
> getting its statically assigned IP configuration and so it reverts to
> creating a new nic within the guest OS and this is where it then picks
> up the Zone DNS server IP's - I'm guessing from the DNS provider on
> the virtual router.
> If we look in Device Mgr on the guest and 'show hidden devices' we see
> a 'ghosted' nic adapter - but this will still have registry entries
> for its IP config - so the new nic that seems to be created
> automatically cannot use the already assigned IP address and picks a
> new one from DHCP on the VR and also then gets the Zone DNS IP
> Addresses.
>
> Our workaround for if/when this happens is to delete the ghosted nic
> adapter in Device Mgr and its corresponding IP configuration in the
> windows registry - and then manually set the static IP info on the
> remaining nic adapter
>
> Gary Dixon
>
> Senior Technical Consultant
>
> T: +44 161 537 4990
>
> E: v [1]ms@quadris‑support.com
>
> W:
> https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.q
> uadris.co.uk%2F&data=05%7C01%7CGary.Dixon%40quadris.co.uk%7Cf352ab8e9e
> 5846ef6ea608db038614d1%7Cf1d6abf3d3b44894ae16db0fb93a96a2%7C0%7C0%7C63
> 8107646643378568%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV
> 2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hjgszY%2B6
> f1eAZzCbZpg1xP5Tb5gxL7nZBcdhWOS76bo%3D&reserved=0
>
> The information contained in this e-mail from Quadris may be
> confidential and privileged for the private use of the named
> recipient. The contents of this e-mail may not necessarily represent
> the official views of Quadris. If you have received this information
> in error you must not copy, distribute or take any action or reliance
> on its contents. Please destroy any hard copies and delete this
> message.
>
> -----Original Message-----
> From: Nux <nu...@li.nux.ro>
> Sent: 30 January 2023 12:01
> To: users@cloudstack.apache.org
> Cc: Gary Dixon <Ga...@quadris.co.uk.invalid>
> Subject: Re: Override DNS IP addresses
>
> Hi Gary,
>
> Yes, indeed, this is coming to 4.18:
> https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgith
> ub.com%2Fapache%2Fcloudstack%2Fpull%2F6425&data=05%7C01%7CGary.Dixon%4
> 0quadris.co.uk%7Cf352ab8e9e5846ef6ea608db038614d1%7Cf1d6abf3d3b44894ae
> 16db0fb93a96a2%7C0%7C0%7C638107646643378568%7CUnknown%7CTWFpbGZsb3d8ey
> JWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C300
> 0%7C%7C%7C&sdata=f8We%2B1xIMLEq1S3JJ8GD8U2pXIaRvRzmnJxMW3%2BFPjc%3D&re
> served=0
>
> Until then I am not sure how to solve the problem though. If IPs and
> DNS are statically assign, why does this continue to be a problem?
>
> Regards
>
> On 2023-01-30 11:37, Gary Dixon wrote:
>> HI everyone
>>
>> CS 4.15.2
>>
>> Hypervisor Ubuntu 20.04 KVM
>>
>> The vast majority of our tenants in CS are windows Active directory
>> domain based networks. This relies on the Domain Controllers being
> the
>> DNS servers for the domain.
>>
>> In each guest OS we statically assign IP address information and set
>
>> the DNS server addresses to point to the IP address of the Domain
>> Controllers
>>
>> We see issues where the Zone defined DNS server IP addresses
>> (8.8.8.8, 8.8.4.4) are being passed through to the guest Windows
> VM’s
>> which then causes them to lose their domain trust because they
> cannot
>> locate the domain controllers
>>
>> Is there a way to override the global Zone DNS server IP addresses
>> that are passed through to guest VM’s – can this be changed for
> each
>> Tennant/Domain in the Cloud database ?
>>
>> Best regards
>>
>> Gary
>>
>> Gary Dixon
>>
>> Senior Technical Consultant
>>
>> T: +44 161 537 4990
>>
>> E: v [1]ms@quadris‑support.com
>>
>> W:
>>
> https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.q
> %2F&data=05%7C01%7CGary.Dixon%40quadris.co.uk%7Cf352ab8e9e5846ef6ea608
> db038614d1%7Cf1d6abf3d3b44894ae16db0fb93a96a2%7C0%7C0%7C63810764664337
> 8568%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBT
> iI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=VfV%2F%2BpepWhD4TU7qLu
> XBVRnUzJjtPe%2FOJhGdwp9QKSw%3D&reserved=0
>>
> uadris.co.uk%2F&data=05%7C01%7CGary.Dixon%40quadris.co.uk%7Caa1d5e15f1
>>
> 5848273cb508db02b9a01b%7Cf1d6abf3d3b44894ae16db0fb93a96a2%7C0%7C0%7C63
>>
> 8106768520826236%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV
>>
> 2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=r25zVpzJzf
>> jUG46HKguwC%2FRkIm3nYcZAmRgiBG%2BKPlA%3D&reserved=0
>>
>> The information contained in this e-mail from Quadris may be
>> confidential and privileged for the private use of the named
>> recipient. The contents of this e-mail may not necessarily represent
>
>> the official views of Quadris. If you have received this information
>
>> in error you must not copy, distribute or take any action or
> reliance
>> on its contents. Please destroy any hard copies and delete this
>> message.
>>
>>
>>
>> Links:
>> ------
>> [1] tel:+44%207989717661
>
>
> Links:
> ------
> [1] tel:+44%207989717661
Re: Override DNS IP addresses
Posted by Nux <nu...@li.nux.ro>.
Hello,
That's an unfortunate behaviour. Wonder what the culprit is.
Did you try to use cloudbase-init in the Windows VMS? Does it make
things better/worse?
REgards
On 2023-01-30 15:32, Gary Dixon wrote:
> Thx Nux - this is good news
>
> The issue doesn't happen all the time - we have seen it occasionally
> after a windows guest reboot - something seems to stop the nic from
> getting its statically assigned IP configuration and so it reverts to
> creating a new nic within the guest OS and this is where it then picks
> up the Zone DNS server IP's - I'm guessing from the DNS provider on
> the virtual router.
> If we look in Device Mgr on the guest and 'show hidden devices' we see
> a 'ghosted' nic adapter - but this will still have registry entries
> for its IP config - so the new nic that seems to be created
> automatically cannot use the already assigned IP address and picks a
> new one from DHCP on the VR and also then gets the Zone DNS IP
> Addresses.
>
> Our workaround for if/when this happens is to delete the ghosted nic
> adapter in Device Mgr and its corresponding IP configuration in the
> windows registry - and then manually set the static IP info on the
> remaining nic adapter
>
> Gary Dixon
>
> Senior Technical Consultant
>
> T: +44 161 537 4990
>
> E: v [1]ms@quadris‑support.com
>
> W: www.quadris.co.uk
>
> The information contained in this e-mail from Quadris may be
> confidential and privileged for the private use of the named
> recipient. The contents of this e-mail may not necessarily represent
> the official views of Quadris. If you have received this information
> in error you must not copy, distribute or take any action or reliance
> on its contents. Please destroy any hard copies and delete this
> message.
>
> -----Original Message-----
> From: Nux <nu...@li.nux.ro>
> Sent: 30 January 2023 12:01
> To: users@cloudstack.apache.org
> Cc: Gary Dixon <Ga...@quadris.co.uk.invalid>
> Subject: Re: Override DNS IP addresses
>
> Hi Gary,
>
> Yes, indeed, this is coming to 4.18:
> https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Fcloudstack%2Fpull%2F6425&data=05%7C01%7CGary.Dixon%40quadris.co.uk%7Caa1d5e15f15848273cb508db02b9a01b%7Cf1d6abf3d3b44894ae16db0fb93a96a2%7C0%7C0%7C638106768520826236%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=QZjqm0qb4OjtfoujFPjZe%2F8W8jaU9f8gGpa12ZfoyCw%3D&reserved=0
>
> Until then I am not sure how to solve the problem though. If IPs and
> DNS are statically assign, why does this continue to be a problem?
>
> Regards
>
> On 2023-01-30 11:37, Gary Dixon wrote:
>> HI everyone
>>
>> CS 4.15.2
>>
>> Hypervisor Ubuntu 20.04 KVM
>>
>> The vast majority of our tenants in CS are windows Active directory
>> domain based networks. This relies on the Domain Controllers being
> the
>> DNS servers for the domain.
>>
>> In each guest OS we statically assign IP address information and set
>
>> the DNS server addresses to point to the IP address of the Domain
>> Controllers
>>
>> We see issues where the Zone defined DNS server IP addresses
>> (8.8.8.8, 8.8.4.4) are being passed through to the guest Windows
> VM’s
>> which then causes them to lose their domain trust because they
> cannot
>> locate the domain controllers
>>
>> Is there a way to override the global Zone DNS server IP addresses
>> that are passed through to guest VM’s – can this be changed for
> each
>> Tennant/Domain in the Cloud database ?
>>
>> Best regards
>>
>> Gary
>>
>> Gary Dixon
>>
>> Senior Technical Consultant
>>
>> T: +44 161 537 4990
>>
>> E: v [1]ms@quadris‑support.com
>>
>> W:
>>
> https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.q
>>
> uadris.co.uk%2F&data=05%7C01%7CGary.Dixon%40quadris.co.uk%7Caa1d5e15f1
>>
> 5848273cb508db02b9a01b%7Cf1d6abf3d3b44894ae16db0fb93a96a2%7C0%7C0%7C63
>>
> 8106768520826236%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV
>>
> 2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=r25zVpzJzf
>> jUG46HKguwC%2FRkIm3nYcZAmRgiBG%2BKPlA%3D&reserved=0
>>
>> The information contained in this e-mail from Quadris may be
>> confidential and privileged for the private use of the named
>> recipient. The contents of this e-mail may not necessarily represent
>
>> the official views of Quadris. If you have received this information
>
>> in error you must not copy, distribute or take any action or
> reliance
>> on its contents. Please destroy any hard copies and delete this
>> message.
>>
>>
>>
>> Links:
>> ------
>> [1] tel:+44%207989717661
>
>
> Links:
> ------
> [1] tel:+44%207989717661
RE: Override DNS IP addresses
Posted by Gary Dixon <Ga...@quadris.co.uk.INVALID>.
Thx Nux - this is good news
The issue doesn't happen all the time - we have seen it occasionally after a windows guest reboot - something seems to stop the nic from getting its statically assigned IP configuration and so it reverts to creating a new nic within the guest OS and this is where it then picks up the Zone DNS server IP's - I'm guessing from the DNS provider on the virtual router.
If we look in Device Mgr on the guest and 'show hidden devices' we see a 'ghosted' nic adapter - but this will still have registry entries for its IP config - so the new nic that seems to be created automatically cannot use the already assigned IP address and picks a new one from DHCP on the VR and also then gets the Zone DNS IP Addresses.
Our workaround for if/when this happens is to delete the ghosted nic adapter in Device Mgr and its corresponding IP configuration in the windows registry - and then manually set the static IP info on the remaining nic adapter
Gary Dixon
Senior Technical Consultant
T: +44 161 537 4990
E: vms@quadris-support.com
W: www.quadris.co.uk
The information contained in this e-mail from Quadris may be confidential and privileged for the private use of the named recipient. The contents of this e-mail may not necessarily represent the official views of Quadris. If you have received this information in error you must not copy, distribute or take any action or reliance on its contents. Please destroy any hard copies and delete this message.
-----Original Message-----
From: Nux <nu...@li.nux.ro>
Sent: 30 January 2023 12:01
To: users@cloudstack.apache.org
Cc: Gary Dixon <Ga...@quadris.co.uk.invalid>
Subject: Re: Override DNS IP addresses
Hi Gary,
Yes, indeed, this is coming to 4.18:
https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Fcloudstack%2Fpull%2F6425&data=05%7C01%7CGary.Dixon%40quadris.co.uk%7Caa1d5e15f15848273cb508db02b9a01b%7Cf1d6abf3d3b44894ae16db0fb93a96a2%7C0%7C0%7C638106768520826236%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=QZjqm0qb4OjtfoujFPjZe%2F8W8jaU9f8gGpa12ZfoyCw%3D&reserved=0
Until then I am not sure how to solve the problem though. If IPs and DNS are statically assign, why does this continue to be a problem?
Regards
On 2023-01-30 11:37, Gary Dixon wrote:
> HI everyone
>
> CS 4.15.2
>
> Hypervisor Ubuntu 20.04 KVM
>
> The vast majority of our tenants in CS are windows Active directory
> domain based networks. This relies on the Domain Controllers being the
> DNS servers for the domain.
>
> In each guest OS we statically assign IP address information and set
> the DNS server addresses to point to the IP address of the Domain
> Controllers
>
> We see issues where the Zone defined DNS server IP addresses
> (8.8.8.8, 8.8.4.4) are being passed through to the guest Windows VM’s
> which then causes them to lose their domain trust because they cannot
> locate the domain controllers
>
> Is there a way to override the global Zone DNS server IP addresses
> that are passed through to guest VM’s – can this be changed for each
> Tennant/Domain in the Cloud database ?
>
> Best regards
>
> Gary
>
> Gary Dixon
>
> Senior Technical Consultant
>
> T: +44 161 537 4990
>
> E: v [1]ms@quadris‑support.com
>
> W:
> https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.q
> uadris.co.uk%2F&data=05%7C01%7CGary.Dixon%40quadris.co.uk%7Caa1d5e15f1
> 5848273cb508db02b9a01b%7Cf1d6abf3d3b44894ae16db0fb93a96a2%7C0%7C0%7C63
> 8106768520826236%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV
> 2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=r25zVpzJzf
> jUG46HKguwC%2FRkIm3nYcZAmRgiBG%2BKPlA%3D&reserved=0
>
> The information contained in this e-mail from Quadris may be
> confidential and privileged for the private use of the named
> recipient. The contents of this e-mail may not necessarily represent
> the official views of Quadris. If you have received this information
> in error you must not copy, distribute or take any action or reliance
> on its contents. Please destroy any hard copies and delete this
> message.
>
>
>
> Links:
> ------
> [1] tel:+44%207989717661
Re: Override DNS IP addresses
Posted by Nux <nu...@li.nux.ro>.
Hi Gary,
Yes, indeed, this is coming to 4.18:
https://github.com/apache/cloudstack/pull/6425
Until then I am not sure how to solve the problem though. If IPs and DNS
are statically assign, why does this continue to be a problem?
Regards
On 2023-01-30 11:37, Gary Dixon wrote:
> HI everyone
>
> CS 4.15.2
>
> Hypervisor Ubuntu 20.04 KVM
>
> The vast majority of our tenants in CS are windows Active directory
> domain based networks. This relies on the Domain Controllers being the
> DNS servers for the domain.
>
> In each guest OS we statically assign IP address information and set
> the DNS server addresses to point to the IP address of the Domain
> Controllers
>
> We see issues where the Zone defined DNS server IP addresses
> (8.8.8.8, 8.8.4.4) are being passed through to the guest Windows
> VM’s which then causes them to lose their domain trust because they
> cannot locate the domain controllers
>
> Is there a way to override the global Zone DNS server IP addresses
> that are passed through to guest VM’s – can this be changed for
> each Tennant/Domain in the Cloud database ?
>
> Best regards
>
> Gary
>
> Gary Dixon
>
> Senior Technical Consultant
>
> T: +44 161 537 4990
>
> E: v [1]ms@quadris‑support.com
>
> W: www.quadris.co.uk
>
> The information contained in this e-mail from Quadris may be
> confidential and privileged for the private use of the named
> recipient. The contents of this e-mail may not necessarily represent
> the official views of Quadris. If you have received this information
> in error you must not copy, distribute or take any action or reliance
> on its contents. Please destroy any hard copies and delete this
> message.
>
>
>
> Links:
> ------
> [1] tel:+44%207989717661