Netgate Discussion Forum
    DNS for Domain Joined and Non Domain Joined Devices

    • dkkelso

      This is mostly a home lab / general learning question, where I hope someone can correct my methodology. I'll start with the background, and then if anyone has suggestions, I'll implement them as able.

      I have a home network with several domain joined devices. I also have several non-domain joined devices that are used by myself or others in the house, mostly iPhones and the like. I would like to be able to use the phone to browse domain joined devices by FQDN, not IP.

      As such, the first DNS server on General Setup is the IP to my active directory server. Since all devices are static IP'd within pfSense, all this trickles down to all the devices. And now, from my iPhone, I can access a domain joined device by FQDN.

      The problem arises when I lose power. Which I do often. I'm at 32 or so hours lost power over the last 30 days. The active directory server is on one UPS. NAS and some other equipment and a switch on another UPS. And pfSense + modem + wifi router is on another UPS.

      No matter what I do, the server will always drain any UPS faster than pfSense, modem and the router. It'll always be a race condition, even if I upgrade UPS for the server. So, after about 10 minutes or so of power failure, the other equipment starts gracefully shutting down, leaving me with some battery time left across all UPSes, and pfSense + modem + router still on, slowly draining one UPS.

      But, once the AD server shuts down, the internet is lost. Because that DNS server is gone. And it doesn't matter how many DNS servers I set after the first, until I go in and clear the IP to the AD, there is no domain resolution, because it's reaching out to the local IP. And I don't mean for the local domain. I know that is lost. And that is fine in a power failure.

      I mean the rest of the internet is only accessible by IP address.

      This is ignorance on my part, but I thought the purpose of a secondary or even tertiary DNS was so that if one failed to respond, the secondary or tertiary would kick in? But this doesn't seem to be the case when I set a local IP as the first DNS server.

      So, what am I doing wrong, first, second and nth?

      Thanks.

      • dkkelso

        Moving to forwarder with a domain override seems to solve the issue.

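        For readers who want to see what "forwarder with a domain override" means in configuration terms, here is an added example that is not part of the thread or of pfSense's own generated files. pfSense's DNS Forwarder is dnsmasq, and a Domain Override in the GUI corresponds to a dnsmasq `server=/zone/address` line; the zone `corp.example.lan`, the domain controller address `192.168.10.5` and the reverse zone are constructed placeholders.

```conf
# Added example (not from the original thread): hand-written dnsmasq
# configuration equivalent to a pfSense DNS Forwarder domain override.
# Zone, addresses and subnet are constructed placeholders.

# Domain override: only queries for the AD zone are sent to the domain
# controller. Everything else goes to the upstream resolvers dnsmasq
# learned from resolv.conf (the public servers in General Setup), so a
# powered-off DC no longer takes general Internet resolution down with it.
server=/corp.example.lan/192.168.10.5

# Reverse zone for the AD subnet (192.168.10.0/24 here), so PTR lookups
# for domain members also reach the DC instead of a public resolver.
server=/10.168.192.in-addr.arpa/192.168.10.5

# Keep DNS rebinding protection on (pfSense enables this by default), but
# exempt the AD zone, whose answers are legitimately RFC 1918 addresses.
stop-dns-rebind
rebind-domain-ok=/corp.example.lan/

# Never leak bare hostnames or private-range reverse lookups upstream.
domain-needed
bogus-priv
```

        With this layout the phones and other non-domain devices point at pfSense for DNS (via DHCP or the static mappings), not at the DC directly. When the DC shuts down, only `corp.example.lan` lookups fail; `example.com` and the rest of the Internet keep resolving because those queries never depended on the DC. The same split is available in the DNS Resolver (Unbound) as a `forward-zone:` block with `name:` and `forward-addr:` for the AD zone, with Unbound resolving everything else itself.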
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.