ndm to configure multi-zone DNS and DHCP?
Hello, can I serve multiple separated subnets with separated DHCP and DNS?
I created a virtual machine with 5 interfaces in different VLANs. I want to serve a DHCP configuration and DNS config for each subnet. The subnets have separate use cases like DMZ / Management, e.g.
eth1= 10.9.20.0/24 eth2= 10.9.21.0/24 [...]
Is this possible with ndm?
As I do not want to create a VM for every subnet.
Hi, thanks for your interest in ndm. At the moment, ndm only supports a single NIC with respect to automatically generating all the config files. That said, I have thought about enabling ndm to support multiple NICs each with a separate IP address space, which would support your use case.
In the meantime, it should be possible, with appropriate machinations, to generate multiple independent configuration files and hand-edit/merge them together into a single DNS/DHCP database, assuming that the DNS/DHCP servers are capable of handling this in a single instantiation.
Alternatively, rather than using VMs, which are clearly too heavyweight for this, docker containers, which are much more lightweight than VMs, might be a viable approach.
LMK if you are seriously interested in using ndm for your use case, and I'll further investigate to ensure that the DNS/DHCP servers can actually handle such a configuration, and the work required to implement it.
Thanks for your reply.
The VM was only for ease of testing ;-)
Yes, we are interested in a solution. We are refreshing our network and adding VLAN segments. Our firewall is only capable of serving 1 DHCP/DNS range. So we need around 4-5 DHCP/DNS servers for other segments.
As we are truly biased toward open-source software, it would be great to have a solution incorporating this. And we are not afraid of CLI tools, so it suits us well.
Currently I added virtual NICs to the VM and assigned "virtual" port-based VLAN tagging. As Linux is capable, it would be an option to use one NIC with Linux VLAN handling (but dropping performance significantly, maybe?) to the Linux side (eth1.15).
OK. I'll take a look into sorting this out. Not starting from ground zero, but need to think about how best to control it (via command line switches, etc).
It won't take forever, but I don't recommend holding your breath, either 🙄
Okay, thank you very much.
I am thinking about using an OPNsense machine for this in the meantime, but it is way overkill for just DHCP/DNS...
Quick update: I've worked out the design and database updates. Next up: coding, testing, and finding/fixing the things that I didn't consider 🤣
Question for you: I'm currently planning to only support a single domain. This means that all hosts, regardless of which subnet/vlan they are on, will be in the same domain. The other alternatives that I can think of are to add a subdomain-per-subnet, or to have a completely separate TLD for each subnet.
What are your thoughts on this?
I'm nearing completion on this. If you're still interested in this, would you be able to do testing in a larger scale environment than my test rig?
Yes, I can give it a try, but I need some time due to other workload. And I have to set up some lab segments in our network to not kill production 😅
Secondary subnet support is available in V2.12, now on this github. Please give it a try when you have an opportunity, and let me know how it goes. I've done basic testing on a host with 3 network adapters, and one host on each subnet, so interested in hearing about your experience on a larger configuration!
Closing this issue. @hurr1k4ne if you need further assistance on this, please re-open this ticket or open a new one.