Zeroshell experience


This topic contains 0 replies, has 0 voices, and was last updated by  Witchdoctor 5 years, 2 months ago.

  • #44063

    Witchdoctor
    Participant

    Hi all;

    I discovered Zeroshell late last week and I ran a couple tests at work on an old computer and figured it would work for me. Thought I would document my experience for you.

    I had available to me a 3-year-old Dell computer with 8 gigs of RAM, onboard Broadcom gigabit Ethernet and a 160 gig HD. Also I had a dLink PCI gigabit Ethernet card and a dLink PCI wireless N card. I threw all of these components together, got a laptop loading the webpage, and then brought the rig home with me Friday evening. I had to rewire my network on Saturday afternoon so I took advantage of that time to install the new router.

    It took me a fair bit of time to just get access to the webpage because the DHCP server is not active by default.

    Saturday afternoon it took me a bit of time to get my computer to bring up the web interface. Once I was connected I had to call my cable company to get them to reset my modem. I am entitled to 2 routable IP addresses and a Linksys router that my girlfriend is connected to had one address and my old router had the other address. Once the cable company did their thing my Zeroshell box got an IP just fine. However, my computer could not access the internet at this point. I eventually figured out that I had to get the network adapters doing NAT and so I played with that a bit and once I set all adapters to do NAT then my computer was on the internet.

    I am running a Windows domain behind my Zeroshell router so I then turned off DHCP on the router and plugged my domain controller back into the network. Did an ipconfig /release /renew on my workstation and everything was working fine. The domain controller is handing out IPs and doing primary DNS while the router is the secondary DNS. The domain controller is complaining about the router not resolving certain AD information which hopefully I can sort out.

    This morning I configured the wireless card in the router and bridged it with the Eth00 and now my tablet can connect to my domain. A wireless monitor on my phone tells me I’m getting a 292 Mbit connection. And it’s quite strong even 2 floors up from the router.

    Despite there being no documentation I’m quite impressed with Zeroshell so far. I think it will do everything I need it to do. There really needs to be a getting started guide to get new users up and running. This router is only good for the network geeks.

    WD

    #53497

    gordonf
    Member

    @witchdoctor wrote:

    The domain controller is complaining about the router not resolving certain AD information which hopefully I can sort out.

    Does the ZS DNS server accept dynamic DNS entries and is it zone-transferring from the domain controller properly? Active Directory changes some things fairly constantly; it’s why an AD DNS zone has such short TTL values compared to most internet DNS zones.

    There are also two DNS zones in a default AD domain; there’s the domain itself (say, example.com) and a protected subdomain (_msdcs.example.com) that contains GUIDs and such for the DCs. That’s sensitive information to AD. The DC running the DNS service treats these as separate zones. If you want ZS to mirror AD DNS completely you need to permit zone transfers for both zones. You could be foolhardy and merge the two into the same zone (Windows 2000 did this originally) but I think MS made this change so AD admins could publish their zones to the internet without exposing this sensitive information.

    You’d also have to somehow permit the DC’s DNS service to accept changes to DNS written to the ZS DNS server. I think. It’s almost like permitting bi-directional zone transfers, which I don’t think works in non-AD DNS but works in AD DNS because the zones are stored in AD instead of in zone files.

    It’s been a long time since I tried hosting AD DNS on anything but a domain controller. The rules changed a lot over that time.
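
The two-zone split described in the reply above can be checked from the secondary's side. This is an added example, not part of either post and not Zeroshell code: it takes dig-style answers (constructed here) for the standard AD DC-locator SRV names and reports which zone, example.com or _msdcs.example.com, the secondary is not serving. The host name dc1 and the sample answers are assumptions.

```python
DOMAIN = "example.com"  # placeholder domain, same as in the reply above

# Standard AD DC-locator SRV names, written relative to the domain.
LOCATOR_RECORDS = [
    "_ldap._tcp",
    "_kerberos._tcp",
    "_gc._tcp",
    "_ldap._tcp.dc._msdcs",
    "_ldap._tcp.pdc._msdcs",
    "_ldap._tcp.gc._msdcs",
]

# Constructed sample: answers from a secondary that mirrors only example.com.
SAMPLE = """\
; constructed answers, not captured from a real server
_ldap._tcp.example.com.     600 IN SRV 0 100 389 dc1.example.com.
_kerberos._tcp.example.com. 600 IN SRV 0 100 88 dc1.example.com.
_gc._tcp.example.com.       600 IN SRV 0 100 3268 dc1.example.com.
"""

def owning_zone(fqdn, domain=DOMAIN):
    """Return the zone holding fqdn: the _msdcs subzone or the domain zone."""
    msdcs = "_msdcs." + domain
    name = fqdn.rstrip(".").lower()
    if name == msdcs or name.endswith("." + msdcs):
        return msdcs
    return domain

def parse_answers(dig_output):
    """Collect owner names of SRV records from dig-style answer lines."""
    names = set()
    for line in dig_output.splitlines():
        fields = line.split()
        if line.startswith(";") or len(fields) < 5:
            continue  # comment line or not a resource record
        if fields[3] == "SRV":
            names.add(fields[0].rstrip(".").lower())
    return names

def missing_by_zone(dig_output, domain=DOMAIN):
    """Group locator records the secondary did not answer by owning zone."""
    answered = parse_answers(dig_output)
    missing = {}
    for rel in LOCATOR_RECORDS:
        fqdn = f"{rel}.{domain}"
        if fqdn not in answered:
            missing.setdefault(owning_zone(fqdn, domain), []).append(fqdn)
    return missing

if __name__ == "__main__":
    for zone, names in missing_by_zone(SAMPLE).items():
        print(f"zone {zone} not mirrored; unanswered: {', '.join(names)}")
```
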
