Matt, The ID of the network offering is 6. Here is what I tried so far. I was able to get it to show up as no longer supporting dns in the Cloudstack GUI, but when I rebooted the virtual router it still had it enabled. Going to try deleting it and letting it be recreated though. mysql> use cloud;Reading table information for completion of table and column namesYou can turn off this feature to get a quicker startup with -A Database changedmysql> select * from network_offerings where id=6;+----+-------------------------------------------+--------------------------------------+-------------------------------------------+-----------------------------------------------------+---------+---------+--------------+------+-------------+--------------+---------------------+---------------+---------------------+---------+---------+--------------+----------------------+---------------------------+----------+--------------------------+---------+------------+--------------------+--------------------+-------------------+| id | name | uuid | unique_name | display_text | nw_rate | mc_rate | traffic_type | tags | system_only | specify_vlan | service_offering_id | conserve_mode | created | removed | default | availability | dedicated_lb_service | shared_source_nat_service | sort_key | redundant_router_service | state | guest_type | elastic_ip_service | elastic_lb_service | specify_ip_ranges |+----+-------------------------------------------+--------------------------------------+-------------------------------------------+-----------------------------------------------------+---------+---------+--------------+------+-------------+--------------+---------------------+---------------+---------------------+---------+---------+--------------+----------------------+---------------------------+----------+--------------------------+---------+------------+--------------------+--------------------+-------------------+| 6 | DefaultSharedNetworkOfferingWithSGService | dd92b963-7ebc-406c-8751-21ed0d80b231 | DefaultSharedNetworkOfferingWithSGService | Offering for Shared Security group enabled networks | NULL | NULL | Guest | NULL | 0 | 1 | NULL | 1 | 2013-04-08 21:25:16 | NULL | 1 | Optional | 1 | 0 | 0 | 0 | Enabled | Shared | 0 | 0 | 1 |+----+-------------------------------------------+--------------------------------------+-------------------------------------------+-----------------------------------------------------+---------+---------+--------------+------+-------------+--------------+---------------------+---------------+---------------------+---------+---------+--------------+----------------------+---------------------------+----------+--------------------------+---------+------------+--------------------+--------------------+-------------------+ mysql> select * from ntwk_offering_service_map;+----+---------------------+----------------+-----------------------+---------------------+| id | network_offering_id | service | provider | created |+----+---------------------+----------------+-----------------------+---------------------+| 1 | 6 | UserData | VirtualRouter | 2013-04-08 21:25:16 || 2 | 6 | Dns | VirtualRouter | 2013-04-08 21:25:16 || 3 | 6 | SecurityGroup | SecurityGroupProvider | 2013-04-08 21:25:16 || 4 | 6 | Dhcp | VirtualRouter | 2013-04-08 21:25:16 || 5 | 7 | UserData | VirtualRouter | 2013-04-08 21:25:16 || 6 | 7 | Dns | VirtualRouter | 2013-04-08 21:25:16 || 7 | 7 | Dhcp | VirtualRouter | 2013-04-08 21:25:16 || 8 | 8 | PortForwarding | VirtualRouter | 2013-04-08 21:25:16 || 9 | 8 | UserData | VirtualRouter | 2013-04-08 21:25:16 || 10 | 8 | Dns | VirtualRouter | 2013-04-08 21:25:16 || 11 | 8 | StaticNat | VirtualRouter | 2013-04-08 21:25:16 || 12 | 8 | Lb | VirtualRouter | 2013-04-08 21:25:16 || 13 | 8 | SourceNat | VirtualRouter | 2013-04-08 21:25:16 || 14 | 8 | Firewall | VirtualRouter | 2013-04-08 21:25:16 || 15 | 8 | Gateway | VirtualRouter | 2013-04-08 21:25:16 || 16 | 8 | Vpn | VirtualRouter | 2013-04-08 21:25:16 || 17 | 8 | Dhcp | VirtualRouter | 2013-04-08 21:25:16 || 18 | 9 | UserData | VirtualRouter | 2013-04-08 21:25:16 || 19 | 9 | Dns | VirtualRouter | 2013-04-08 21:25:16 || 20 | 9 | Dhcp | VirtualRouter | 2013-04-08 21:25:16 || 21 | 10 | UserData | VirtualRouter | 2013-04-08 21:25:16 || 22 | 10 | Dns | VirtualRouter | 2013-04-08 21:25:16 || 23 | 10 | Lb | Netscaler | 2013-04-08 21:25:16 || 24 | 10 | StaticNat | Netscaler | 2013-04-08 21:25:16 || 25 | 10 | SecurityGroup | SecurityGroupProvider | 2013-04-08 21:25:16 || 26 | 10 | Dhcp | VirtualRouter | 2013-04-08 21:25:16 || 27 | 11 | PortForwarding | VpcVirtualRouter | 2013-04-08 21:25:16 || 28 | 11 | UserData | VpcVirtualRouter | 2013-04-08 21:25:16 || 29 | 11 | NetworkACL | VpcVirtualRouter | 2013-04-08 21:25:16 || 30 | 11 | Dns | VpcVirtualRouter | 2013-04-08 21:25:16 || 31 | 11 | StaticNat | VpcVirtualRouter | 2013-04-08 21:25:16 || 32 | 11 | Lb | VpcVirtualRouter | 2013-04-08 21:25:16 || 33 | 11 | SourceNat | VpcVirtualRouter | 2013-04-08 21:25:16 || 34 | 11 | Gateway | VpcVirtualRouter | 2013-04-08 21:25:16 || 35 | 11 | Vpn | VpcVirtualRouter | 2013-04-08 21:25:16 || 36 | 11 | Dhcp | VpcVirtualRouter | 2013-04-08| 37 | 12 | PortForwarding | VpcVirtualRouter | 2013-04-08| 38 | 12 | UserData | VpcVirtualRouter | 2013-04-08| 39 | 12 | NetworkACL | VpcVirtualRouter | 2013-04-08| 40 | 12 | Dns | VpcVirtualRouter | 2013-04-08| 41 | 12 | StaticNat | VpcVirtualRouter | 2013-04-08| 42 | 12 | SourceNat | VpcVirtualRouter | 2013-04-08| 43 | 12 | Gateway | VpcVirtualRouter | 2013-04-08| 44 | 12 | Vpn | VpcVirtualRouter | 2013-04-08| 45 | 12 | Dhcp | VpcVirtualRouter | 2013-04-08+----+---------------------+----------------+-----------------------+-----------45 rows in set (0.00 sec) mysql> delete from ntwk_offering_service_map where id=2;Query OK, 1 row affected (0.01 sec) mysql> quit
Thanks, David > From: mathias.mull...@citrix.com > To: users@cloudstack.apache.org > Subject: Re: Using different DNS for guests than Virtual Router > Date: Tue, 23 Apr 2013 16:59:20 +0000 > > There is, I'll have to work on the SQL statement later today for you. > What's the ID of your network offering that you are using? > > Thanks, > Matt > > > On 4/23/13 9:56 AM, "David Ortiz" <dpor...@outlook.com> wrote: > > >Matt, > > That sounds like exactly what I am going for. Is there a way to > >disable dns on a network/virtual router that already exists, or would I > >need to do this prior to creating the zone? > >Thanks, David > > > >> From: mathias.mull...@citrix.com > >> To: users@cloudstack.apache.org > >> Subject: Re: Using different DNS for guests than Virtual Router > >> Date: Tue, 23 Apr 2013 16:04:02 +0000 > >> > >> David, > >> > >> I've done a lot of installs with AD. Your best bet is to just remove the > >> the DNS function from the virtual router. Leave DHCP in place, don't > >>have > >> that be taken over by external DHCP as it will cause issues. > >> > >> Also tweaking the dnsmasq is a short term fix as it will only go away > >>once > >> the VR reboots. > >> > >> Once you remove DNS, you then set your public and private DNS in the > >>zone > >> to your active directory servers. That will automatically filter down to > >> the VMs and you'll get the desired results. > >> > >> Hope this helps, > >> Matt > >> > >> > >> On 4/23/13 8:51 AM, "David Ortiz" <dpor...@outlook.com> wrote: > >> > >> >Hello Ahmad, > >> > That was my initial attempt. The issue I ran into was that the > >> >dnsmasq settings on the Virtual Router seem to block the traffic that > >>was > >> >required for the machine to join the domain. I played around with the > >> >settings a little bit and was able to get it to find the domain, so I > >> >would imagine that I could tweak it some more to not be an issue. > >> >However, any changes I make on the virtual router only last until it is > >> >restarted, so without a way to make those permanent I have to > >>circumvent > >> >it entirely. The blog post that Murali linked for how to set up a > >> >network without DHCP and DNS seems like it was probably the correct way > >> >to do it, but as far as I can tell would require me to start my zone > >>from > >> >scratch, so I am trying to avoid that if possible. > >> >Thanks, David Ortiz > >> > > >> >> CC: users@cloudstack.apache.org > >> >> From: aemne...@gmail.com > >> >> Subject: Re: Using different DNS for guests than Virtual Router > >> >> Date: Tue, 23 Apr 2013 08:49:06 -0700 > >> >> To: users@cloudstack.apache.org > >> >> > >> >> Coming from someone that has no clue about active directory... If > >>your > >> >>using a basic zone, why don't you have the AD server deployed outside > >>of > >> >>cloudstack s control. Then point have your dns entries point to it. > >>Have > >> >>the default security group for guests open to the ports AD works on. > >> >> > >> >> Ahmad > >> >> > >> >> On Apr 22, 2013, at 1:42 PM, David Ortiz <dpor...@outlook.com> wrote: > >> >> > >> >> > Hello, > >> >> > I am trying to setup a Windows AD server as a guest on my > >> >>cloudstack cluster, and join my other guests to the domain it is > >>serving > >> >>using PowerBroker Identity Services Open. From what I am seeing, the > >> >>virtual router will block me from being able to perform nslookup or > >>join > >> >>the domain using the domainjoin-cli command. If I modify > >> >>/etc/resolv.conf to point directly at my DC as the dns server, it can > >> >>join the domain without any issues. Unfortunately when I reboot, the > >> >>dhcp setup with the virtual router will point it back to the virtual > >> >>router as the name server. I also found that I could get nslookup > >>(but > >> >>not joining the domain) to work by playing with the dnsmasq.conf > >> >>settings on the virtual router a little bit, which works until it is > >> >>rebooted at which point they revert back to what they had been > >> >>originally. Is there a way to get the virtual router to point guests > >>at > >> >>the domain controller as the DNS, or to set up the dnsmasq to allow > >>the > >> >>AD joins to occur (and make those settings persistent)? Or > >> >>alternatively, would I be able to set up DHCP on the DC and just > >> >>circumvent the virtual router entirely? > >> >> > Thanks, > >> >> > David Ortiz > >> > > >> > > >