[NEBULA] Multiple DNS suffixes as search list in DHCP options

flottmedia Member Posts: 54  Ally Member
edited June 2, 2020 4:43PM in Nebula Security Gateway
Is there a way to assign an ordered list of multiple DNS suffixes in the DHCP options of an NSG to dynamically assign a domain search list for all DHCP clients in a multi-domain setting, as described e.g. in https://docs.microsoft.com/en-us/exchange/configure-the-dns-suffix-search-list-for-a-disjoint-namespace-exchange-2013-help for Windows Server GPO settings?

At least the following doesn't work, as it simply leads to "domain1.loc, domain2.loc" being appended to all DNS host name queries, instead of first trying host.domain1.loc and (only if not successful) then host.domain2.loc:

All Replies

  • ivers Member Posts: 36  Freshman Member
    Assuming your Windows setting is correct, I think the NSG's user-defined option does not support DHCP option 15, since back in the day, when the NSG didn't have option 66, it didn't work as a user-defined option either, until they added this option.

  • flottmedia Member Posts: 54  Ally Member
    Thanks for your reply, @ivers. The funny thing is that the setting actually DOES work, otherwise we wouldn't get something like "domain1.loc, domain2.loc" as the connection-specific DNS suffix. But the question for me rather was: is there any DHCP setting in the NCC for NSGs that would allow us to define a domain search list with two entries for all DHCP clients in a multi-domain setting?
  • Do you mean that the gateway should first inspect if the DNS server can resolve domain1.loc and only apply this suffix until otherwise?

    Are there gateways that can actually do this?

    I think @ivers has a point. This feels like a feature dedicated to option 15 and not to an arbitrary user-defined DHCP option.