Per-zone DNS resolution for homelabs

One of the problems I’ve had with my homelab is the fact that logging into my corporate VPN every day changes my DNS servers, so I cannot resolve homelab DNS. For the past 4+ years I’ve gotten past this using hostfile entries, which is quite annoying when you’re spinning up workloads dynamically.

I posted this question the VMware homelab Slack channel and Steve Tilkens came back with /private/etc/resolver for the Mac. He wrote:

Just create a file in that directory named whatever your lab domain name is (i.e. – “lab.local”) and the contents should contain the following:

This didn’t help me on Windows, but immediately helped another employee.

But then I started Googling around for things like ‘/private/etc/resolver for Windows’ and somewhere I found somebody suggesting the Windows NRPT. The first hit on my search was a Scott Lowe blog talking about using the resolver trick on a Mac so if you want a detailed explanation of the Mac stuff, check it out.

Anyway it took me like 10 seconds to open up the Local Group Policy editor (gpedit.msc) on my laptop and configure my laptop to resolve my AD domain via my homelab domain controllers. Years of searching over!


  1. Greg

    Isn’t that the same as going to C:\Windows\System32\drivers\etc and editing your hosts file?. (Make sure you don’t accidentally make it a text file)

    Then Windows resolves all the DNS entries there before using your actual DNS servers.

    or did you try that?

    1. pkremer

      I have to put DNS entries in MS DNS anyway so the lab machines work correctly. Configuring DNS resolution as described in the post lets me avoid having to duplicate work by also adding them to the hostfile. The biggest plus is automation jobs – when workloads auto spin up in the lab, I don’t have to manually update my hostfile to reach them.

Leave a Reply

Your email address will not be published. Required fields are marked *