One of the problems I’ve had with my homelab is the fact that logging into my corporate VPN every day changes my DNS servers, so I cannot resolve homelab DNS. For the past 4+ years I’ve gotten past this using hostfile entries, which is quite annoying when you’re spinning up workloads dynamically.
I posted this question the VMware homelab Slack channel and Steve Tilkens came back with /private/etc/resolver for the Mac. He wrote:
Just create a file in that directory named whatever your lab domain name is (i.e. – “lab.local”) and the contents should contain the following:
nameserver 192.168.0.1
nameserver 192.168.0.2
This didn’t help me on Windows, but immediately helped another employee.
But then I started Googling around for things like ‘/private/etc/resolver for Windows’ and somewhere I found somebody suggesting the Windows NRPT. The first hit on my search was a Scott Lowe blog talking about using the resolver trick on a Mac so if you want a detailed explanation of the Mac stuff, check it out.
Anyway it took me like 10 seconds to open up the Local Group Policy editor (gpedit.msc) on my laptop and configure my laptop to resolve my AD domain via my homelab domain controllers. Years of searching over!
Joe Cooper
AWESOME!!!!!!!!!! Nicely done, Patrick!
Simplified Home Lab Domain Name Resolution – Enterprise Admins.org
[…] Windows Name Resolution Policy Table (NRPT): http://www.patrickkremer.com/per-zone-dns-resolution-for-homelabs/ […]
Greg
Isn’t that the same as going to C:\Windows\System32\drivers\etc and editing your hosts file?. (Make sure you don’t accidentally make it a text file)
Then Windows resolves all the DNS entries there before using your actual DNS servers.
or did you try that?
pkremer
I have to put DNS entries in MS DNS anyway so the lab machines work correctly. Configuring DNS resolution as described in the post lets me avoid having to duplicate work by also adding them to the hostfile. The biggest plus is automation jobs – when workloads auto spin up in the lab, I don’t have to manually update my hostfile to reach them.
Andy Konecny
Nice, this even works without any AD in sight
just have to remember gpedit.msc for this for those of us who don’t work with AD stuff
pkremer
Added gpedit.msc to the post per your suggestion.
Technology Short Take 128 - s0x
[…] Patrick Kremer shares a workaround for DNS resolution for home labs when using corporate VPNs. […]