Wednesday, August 27, 2014

Azure DNS Private Zone Preview not working with Ubuntu virtual machines




I need help getting the DNS resolution working using an Azure DNS private Zone.
I followed the documentation here: https://docs.microsoft.com/en-us/azure/dns/private-dns-getstarted-cli



I was able to create the private zone example.local and I created an A record called jump.example.local.
As the documentation says to do, I then created 2 Ubuntu 18.04 LTS VMs.
I took one of the IPs, which is 10.0.1.4, and updated my jump.example.local record with it.



When I run the following command from the OS, I get no result for my A record.




    dig jump.example.local


If I check my DNS resolution configuration, I get:



    systemd-resolve --status
    Global
              DNSSEC NTA: 10.in-addr.arpa
                          16.172.in-addr.arpa
                          168.192.in-addr.arpa
                          17.172.in-addr.arpa
                          18.172.in-addr.arpa
                          19.172.in-addr.arpa
                          20.172.in-addr.arpa
                          21.172.in-addr.arpa
                          22.172.in-addr.arpa
                          23.172.in-addr.arpa
                          24.172.in-addr.arpa
                          25.172.in-addr.arpa
                          26.172.in-addr.arpa
                          27.172.in-addr.arpa
                          28.172.in-addr.arpa
                          29.172.in-addr.arpa
                          30.172.in-addr.arpa
                          31.172.in-addr.arpa
                          corp
                          d.f.ip6.arpa
                          home
                          internal
                          intranet
                          lan
                          local
                          private
                          test

    Link 2 (eth0)
          Current Scopes: DNS
           LLMNR setting: yes
    MulticastDNS setting: no
          DNSSEC setting: no
        DNSSEC supported: no
             DNS Servers: 168.63.129.16
              DNS Domain: xqelsdawdufutaole0y2mhw4zb.vx.internal.cloudapp.net


If I point dig directly at the DNS server listed in the VM's DNS configuration, it finds the desired A record.



    dig @168.63.129.16 jump.example.local

    ; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @168.63.129.16 jump.example.local
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; WARNING: .local is reserved for Multicast DNS
    ;; You are currently testing what happens when an mDNS query is leaked to DNS
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62699
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4000
    ; COOKIE: 4681bec0bce6fa9e (echoed)
    ;; QUESTION SECTION:
    ;jump.example.local. IN A

    ;; ANSWER SECTION:
    jump.example.local. 2042 IN A 10.0.1.4

    ;; Query time: 1 msec
    ;; SERVER: 168.63.129.16#53(168.63.129.16)
    ;; WHEN: Mon Aug 27 16:11:54 UTC 2018
    ;; MSG SIZE rcvd: 76


I tried rebooting the VM. I am trying to inject the configuration within netplan,
but it doesn't seem to pick up the DNS server to use.

The netplan configuration file:



    # /etc/netplan/50-cloud-init.yaml
    network:
        version: 2
        ethernets:
            ephemeral:
                dhcp4: true
                match:
                    driver: hv_netvsc
                    name: '!eth0'
                optional: true
            hotpluggedeth0:
                dhcp4: true
                match:
                    driver: hv_netvsc
                    name: 'eth0'
                nameservers:
                    addresses: [168.63.129.16]
                    search: [example.local]


It looks to me that the Ubuntu OS is not able to catch that the example.local zone should be forwarded to Azure DNS.




Update #1



I thought of using another TLD which doesn't exist or is not part of the list that the command systemd-resolve --status returns, so I used .xyz instead, and this time it worked without any problem. So it seems to me that I need to figure out the proper netplan configuration to force example.local to be searched against the proper nameserver and not the 127.0.0.53:53 DNS name resolver which is started by the systemd-resolve service.



Update #2



Here is the configuration file /etc/netplan/50-cloud-init.yaml.



    # This file is generated from information provided by
    # the datasource. Changes to it will not persist across an instance.
    # To disable cloud-init's network configuration capabilities, write a file
    # /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
    # network: {config: disabled}
    network:
        version: 2
        ethernets:
            eth0:
                dhcp4: true
                match:
                    macaddress: 00:0d:3a:f4:5a:99
                set-name: eth0
                nameservers:
                    addresses: [168.63.129.16]
                    search: [example.local]


Once you have edited the file and run the command sudo netplan apply, it works. I also tried a reboot and the configuration is kept in place. Thanks to @nancy-xiong-msft for the tests.


Answer



It seems that you have figured it out. I also tested this using Ubuntu LTS 16 and Ubuntu LTS 18.04. The same scenario of dig vm01.contoso.local without result happened in Ubuntu LTS 18.04. However, it did work in Ubuntu LTS 16. I think this is because the way Ubuntu manages network interfaces has completely changed.




Also, I added the following to the netplan configuration:

    nameservers:
        addresses: [168.63.129.16]
        search: [contoso.local]

Then, run sudo netplan apply. It is working now.







Ref: Configure Static IP Addresses On Ubuntu 18.04 LTS Server
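
A way to check this from the VM's resolver state, as an added example that is not part of the original question or answer: it parses the link sections of systemd-resolve --status and applies the systemd-resolved rule that .local names are sent to a unicast DNS server only when a link lists a matching search or routing domain. The sample output is constructed from the question's output, the function names are hypothetical, and the routing model is a simplification.

```python
import re

# Constructed `systemd-resolve --status` link section modelled on the question's
# output; AFTER adds the search domain that the netplan change introduces.
BEFORE = """\
Link 2 (eth0)
      Current Scopes: DNS
       LLMNR setting: yes
MulticastDNS setting: no
         DNS Servers: 168.63.129.16
          DNS Domain: xqelsdawdufutaole0y2mhw4zb.vx.internal.cloudapp.net
"""
AFTER = BEFORE + "                      example.local\n"

FIELDS = {"DNS Servers": "servers", "DNS Domain": "domains"}
LABEL = re.compile(r"^\s*([A-Za-z][A-Za-z ]*):\s+(\S+)")

def parse_links(status):
    """Map link name -> {'servers': [...], 'domains': [...]}."""
    links, cur, key = {}, None, None
    for line in status.splitlines():
        text = line.strip()
        link = re.match(r"Link \d+ \((\S+)\)$", text)
        if link or text == "Global":
            # A new section starts: per-link sections are tracked, Global is skipped.
            cur = links.setdefault(link.group(1), {"servers": [], "domains": []}) if link else None
            key = None
            continue
        if cur is None or not text:
            continue
        label = LABEL.match(line)
        if label:
            key, text = FIELDS.get(label.group(1)), label.group(2)
        if key:  # labelled value or an unlabelled continuation line
            cur[key].append(text.lstrip("~").rstrip(".").lower())
    return links

def unicast_servers(name, links):
    """Servers the stub would forward `name` to (catch-all '~.' not modelled)."""
    name = name.rstrip(".").lower()
    def covers(link):
        return any(name == d or name.endswith("." + d) for d in link["domains"])
    matching = [l for l in links.values() if covers(l)]
    if not matching and name.endswith(".local"):
        return []  # .local without a matching link domain is left to mDNS
    chosen = matching or list(links.values())
    return [s for l in chosen for s in l["servers"]]

if __name__ == "__main__":
    for label, status in (("before", BEFORE), ("after", AFTER)):
        print(label, unicast_servers("jump.example.local", parse_links(status)))
```

On a real VM, pass the captured output of systemd-resolve --status to parse_links instead of the constructed samples.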

