Quick DNS Question



  • So I'm using Identity Management (FreeIPA) for my DNS and authentication in my home. This is replacing a manual BIND server that I've had running for a long time. Is it better practice to have multiple A records for devices with ZeroTier or is it better to have a separate zone? Currently the BIND server has a separate zone for the ZeroTier addresses. Multiple A records work fine, just curious what's the better answer.

    I could just make SSH tunnels through my jump box for everything, but I'm lazy.

    Also, I don't see the option to ask as a question any more.



  • @scottalanmiller said in Quick DNS Question:

    @stacksofplates said in Quick DNS Question:

    Also, I don't see the option to ask as a question any more.

    I'll check on that. I turned yours into one, though.

    Thanks, I'm on my Chromebook so it might be something weird. Who knows.



  • Two entries on the same DNS can be a pain. Two entries in the A record means that it will do round robin, so that ends up being an unhappy situation. What about using only the ZeroTier record and not the local IP address at all?



  • @scottalanmiller said in Quick DNS Question:

    Two entries on the same DNS can be a pain. Two entries in the A record means that it will do round robin, so that ends up being an unhappy situation. What about using only the ZeroTier record and not the local IP address at all?

    It's mostly laziness. I use my Chromebook for a lot (it's pretty much what I take everywhere) because the battery lasts forever, no fans, light, etc. Whenever I want to use ZeroTier I have to start a chroot and start the ZeroTier service and then manually configure the eth device in the ChromeOS settings (it won't save the settings for some reason). I was kind of trying to figure out a way to not have to do that at home if I didn't need to.



  • @stacksofplates said in Quick DNS Question:

    @scottalanmiller said in Quick DNS Question:

    Two entries on the same DNS can be a pain. Two entries in the A record means that it will do round robin, so that ends up being an unhappy situation. What about using only the ZeroTier record and not the local IP address at all?

    It's mostly laziness. I use my Chromebook for a lot (it's pretty much what I take everywhere) because the battery lasts forever, no fans, light, etc. Whenever I want to use ZeroTier I have to start a chroot and start the ZeroTier service and then manually configure the eth device in the ChromeOS settings (it won't save the settings for some reason). I was kind of trying to figure out a way to not have to do that at home if I didn't need to.

    I must be missing the use case. If the ZeroTier is on, you see the internal DNS entries. If ZeroTier is on, then you can see the internal BIND because it's on ZT?



  • @scottalanmiller said in Quick DNS Question:

    @stacksofplates said in Quick DNS Question:

    @scottalanmiller said in Quick DNS Question:

    Two entries on the same DNS can be a pain. Two entries in the A record means that it will do round robin, so that ends up being an unhappy situation. What about using only the ZeroTier record and not the local IP address at all?

    It's mostly laziness. I use my Chromebook for a lot (it's pretty much what I take everywhere) because the battery lasts forever, no fans, light, etc. Whenever I want to use ZeroTier I have to start a chroot and start the ZeroTier service and then manually configure the eth device in the ChromeOS settings (it won't save the settings for some reason). I was kind of trying to figure out a way to not have to do that at home if I didn't need to.

    I must be missing the use case. If the ZeroTier is on, you see the internal DNS entries. If ZeroTier is on, then you can see the internal BIND because it's on ZT?

    Were both of those meant to say ZeroTier is on?



  • If ZeroTier on the Chromebook is off, I need a way to resolve the local IP of the devices when I'm at home so I don't have to go through the process of starting ZeroTier on my Chromebook every time I want to use it at home. The only way I know how to do that is either a separate Zone or multiple A records. If there is something else, I'll be happy to do it.



  • @stacksofplates said in Quick DNS Question:

    If ZeroTier on the Chromebook is off, I need a way to resolve the local IP of the devices when I'm at home so I don't have to go through the process of starting ZeroTier on my Chromebook every time I want to use it at home. The only way I know how to do that is either a separate Zone or multiple A records. If there is something else, I'll be happy to do it.

    Oh I see, and ZeroTier can't start automatically on the Chromebook? That's why it works normally, it fires up automatically.



  • @stacksofplates said in Quick DNS Question:

    Whenever I want to use ZeroTier I have to start a chroot and start the ZeroTier service and then manually configure the eth device in the ChromeOS settings (it won't save the settings for some reason).

    Now I see. That makes this a huge pain. Because of this you miss the pieces that ZeroTier has to make this work.

    I wonder if there is a way to fix this.



  • @scottalanmiller said in Quick DNS Question:

    @stacksofplates said in Quick DNS Question:

    Whenever I want to use ZeroTier I have to start a chroot and start the ZeroTier service and then manually configure the eth device in the ChromeOS settings (it won't save the settings for some reason).

    Now I see. That makes this a huge pain. Because of this you miss the pieces that ZeroTier has to make this work.

    I wonder if there is a way to fix this.

    I might be able to install from source on the Chromebook, but the chroot is a safer option. Things are set up strangely on these.

    Zones would be fine, but things like the Identity Management interface will auto resolve itself in the browser. So if I type the IP, it auto redirects to the FQDN of the local address. That's what I get for not just using the CLI tools all of the time and depending on the web interface.



  • The other thing I've been mulling about is just removing ChromeOS altogether. This one has a dual core Celeron (it runs ChromeOS and a full Gnome 3 DE in a chroot with no hiccups) so it should be fine for what I'm using it for.



  • @stacksofplates said in Quick DNS Question:

    The other thing I've been mulling about is just removing ChromeOS altogether. This one has a dual core Celeron (it runs ChromeOS and a full Gnome 3 DE in a chroot with no hiccups) so it should be fine for what I'm using it for.

    How much memory? That's often the killer.



  • @scottalanmiller said in Quick DNS Question:

    @stacksofplates said in Quick DNS Question:

    The other thing I've been mulling about is just removing ChromeOS altogether. This one has a dual core Celeron (it runs ChromeOS and a full Gnome 3 DE in a chroot with no hiccups) so it should be fine for what I'm using it for.

    How much memory? That's often the killer.

    4GB. It should be enough to run fine. Esp for what I'm using it for. Not like I'm playing games or doing 3D modeling.



  • That's not bad, lots of them are 2GB which is really lean.



  • @scottalanmiller said in Quick DNS Question:

    That's not bad, lots of them are 2GB which is really lean.

    But even 2 GB should be fine for a little Gnome. 4 GB is plenty.



  • I use 4GB on Mint and I use up all of the memory just with a web browser, so it really depends what you are doing. 6GB and I am pretty good, 4GB tends to be pretty tight for me.



  • @scottalanmiller said in Quick DNS Question:

    I use 4GB on Mint and I use up all of the memory just with a web browser, so it really depends what you are doing. 6GB and I am pretty good, 4GB tends to be pretty tight for me.

    Browsers are a killer, sure.



  • @scottalanmiller said in Quick DNS Question:

    That's not bad, lots of them are 2GB which is really lean.

    That's kind of why I got this one. Decent little computer for $279



  • @scottalanmiller said in Quick DNS Question:

    I use 4GB on Mint and I use up all of the memory just with a web browser, so it really depends what you are doing. 6GB and I am pretty good, 4GB tends to be pretty tight for me.

    It's been solid for me with ChromeOS running and another full desktop environment running alongside it. I'm pretty impressed with it.



  • I got the BIOS set up so now I can boot from a live USB. Fedora 24 boots and runs fine but no sound drivers. I'll have to investigate.



  • @stacksofplates said in Quick DNS Question:

    I got the BIOS set up so now I can boot from a live USB. Fedora 24 boots and runs fine but no sound drivers. I'll have to investigate.

    Might be a great use case for Korora!



  • @scottalanmiller said in Quick DNS Question:

    @stacksofplates said in Quick DNS Question:

    I got the BIOS set up so now I can boot from a live USB. Fedora 24 boots and runs fine but no sound drivers. I'll have to investigate.

    Might be a great use case for Korora!

    Ya I need to try it. I had a Fedora 24 ISO already downloaded so I just used that.

    That was one gripe I had with the crouton stuff, it's all Ubuntu based. And all of the "supported" releases were ancient.

    Now that I can have a RHEL system, I can use identity management on it.



  • FreeIPA doesn't work with Ubuntu?



  • @scottalanmiller said in Quick DNS Question:

    FreeIPA doesn't work with Ubuntu?

    It supposedly does, it's much different and I haven't had success with it.



  • So both Korora and Fedora had issues with the screen flashing. Korora initially, and Fedora 24 after I did the updates. Not sure what was going on. So I switched to ElementaryOS Freya, and I'm using it right now. It's working out pretty well.



  • So Elementary didn't work either. ZeroTier couldn't install because of dependency issues. They are still on 14.04 and haven't released the 16.04 version yet. So I tried to manually run the ZeroTier setup by manually importing the GPG key and manually adding the repo. Didn't work, so I finally settled on Ubuntu Gnome. I've used it before and I can have my default extensions that I like using. Everything is set up and working now.



  • I would simplify things and maybe zone for a separate zone for ZT.



  • @stacksofplates said in Quick DNS Question:

    So Elementary didn't work either. ZeroTier couldn't install because of dependency issues. They are still on 14.04 and haven't released the 16.04 version yet. So I tried to manually run the ZeroTier setup by manually importing the GPG key and manually adding the repo. Didn't work, so I finally settled on Ubuntu Gnome. I've used it before and I can have my default extensions that I like using. Everything is set up and working now.

    All of that Ubuntu community "it's cool to be old" crap kills anything built on Ubuntu.



  • I can't believe I didn't do this a while back. No more chroots to run real applications. I also have my home folder on a 128GB USB 3 flash drive that's pretty tiny. It's a pretty nice and cheap setup.



  • @stacksofplates said in Quick DNS Question:

    I can't believe I didn't do this a while back. No more chroots to run real applications. I also have my home folder on a 128GB USB 3 flash drive that's pretty tiny. It's a pretty nice and cheap setup.

    Unless you are an actual end user, I can't imagine wanting to use ChromeOS instead of a "real" OS.