I have an old machine that I wish to reuse. It has two network interfaces: one faces WAN, and the other is LAN.
WAN is 192.168.0.2. There are DHCP and DNS services active on the router, at 18.104.22.168, that serve other people that I do not wish to interact with.
All I want to be able to do on that end is access it remotely.
LAN is 172.16.0.1.
On here, I want the following: DHCP, DNS, AD/domain, and Pi-hole.
I would somehow containerise/virtualise the Pi-hole and have that set up with DNS forwarding, with a network interface just for it, so it acts as if it was connected with the one interface, at, say, 172.16.0.2. However, this machine does not support virtualisation at all, as it’s an old laptop.
What’s the best way to get all of these things cooperating? What packages and configs should I edit or create to enable this functionality?
I have not started to rebuild the software on this box, and I would like to have a fresh start, so if there’s a choice of distro here that’s easier to do this on, then please let me know.
I’ve been doing stuff up until now on Zentyal. I think it’s time to learn how to do this manually, as the web interface is far too much for the machine. This will be the first domain I have set up; I have never done this before with Samba.
I’m not sure I’ve gotten 100% what you are trying to do here.
So, you are part of an existing network (192.168.0.2 certainly isn’t WAN in the classical sense). You now want to have your own server in that network that serves a different subnet for your devices. Is this correct?
DHCP and DNS are pretty straightforward under Linux. Pi-hole is too. If you want to containerize it, look into Docker. Setup is easy and documentation is great.
I have no clue on AD/Domain. I’ve never set one up on Linux. What would you use that for?
There shouldn’t be any steps to make things “cooperate” in any way. You set up a DHCP server, and it will broadcast and be detected by DHCP clients. Make sure to only configure it on the LAN side. For DNS, you already have the Pi-hole. No need for a separate DNS server. Just use the Pi-hole and forward to either the other network’s DNS or your provider’s. Pi-hole is just installed and configured on the client as the DNS server. You can also let your DHCP server distribute the DNS setting for your network.
In terms of distro I’d say it doesn’t really matter. I’m a fan of Debian, but Ubuntu, Fedora, SUSE all should work. It’s just a matter of what package manager you like best. And if you are using Docker, you won’t even be using that that much.
No it doesn’t. Pi-hole is your primary DNS. It only ever returns IPs for hostnames in its filter list. Everything it doesn’t know is forwarded to the DNS forwarder you configure in Pi-hole. And this has nothing to do with a domain/AD.
So, if your Hyper-V server has a hostname like hyperv.localdomain.com and you are trying to access it from any client in your network, the DNS request is sent to the Pi-hole (configured primary DNS server on the client). The Pi-hole has no clue what hyperv.localdomain.com is, so forwards it to your local DNS server, which returns the proper IP address.
If you have Hyper-V and Windows VMs anyways, why not run the AD for them on one of those?
I will give that a try, I’ll set up the domain controller first, before Pi-hole and go from there.
I’ve been told it’s a really bad idea to host the controller in a VM, and the VM host isn’t a 24/7 box, so I would lose functionality when that VM is powered down. I do intend to run a secondary controller on there, but only as a backup solution.
In this case, yes, running the DC on something that’ll be on 24/7 might be a good idea. Though, running your DC virtualized should not be a problem. We have this setup for many clients. The only thing you’d want to have separate is any kind of backup. Depends on your needs really. But as said, I won’t be of any help in setting up a domain on a Linux server. Have never done this.
Those two do different things. The domain controller manages (as the name implies) your domain. The Pi-hole is a DNS. DNS is really straightforward. It’s always a chain of DNS. You can configure however many you want as long as they refer to each other in a chain. So:
Client -> Pi-Hole -> Local DNS -> ISP DNS ->
The Pi-hole’s sole purpose is to refer domains that contain ads to non-existing IPs, so ads won’t load. It does not interfere with any DNS requests that don’t contain known ads.
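As an added example that is not part of the original thread: one way to follow the advice above to run DHCP only on the LAN side and hand out the Pi-hole as the clients' DNS server. It assumes dnsmasq as the DHCP server (the thread names no package); the interface names `eth0`/`eth1`, the file name, the /24 mask and the pool range are assumed values.

```conf
# /etc/dnsmasq.d/lan-dhcp.conf   (hypothetical file name)
# Assumed: eth0 = upstream side (192.168.0.2), eth1 = LAN side (172.16.0.1).

# Serve the LAN interface only, and bind to it explicitly instead of
# listening on the wildcard address.
interface=eth1
bind-interfaces

# Never answer DHCP on the upstream side, even if an interface= line for it
# is added later. A second DHCP server there would hand out leases to the
# other people's machines on 192.168.0.x.
no-dhcp-interface=eth0

# DHCP only: port=0 turns off dnsmasq's own DNS so that port 53 on the LAN
# is left to the Pi-hole.
port=0

# Address pool for LAN clients (range and netmask are assumed values).
dhcp-range=172.16.0.100,172.16.0.200,255.255.255.0,12h

# Tell clients to use the Pi-hole at 172.16.0.2 as their DNS server;
# the Pi-hole then forwards whatever it does not block to its upstream.
dhcp-option=option:dns-server,172.16.0.2
```

`dnsmasq --test` checks the syntax of the configuration before the service is restarted.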