Configure DNS

Goal

Configure the initial DNS baseline for corp.gntech.lab.

Validation commands

Resolve-DnsName corp.gntech.lab
Resolve-DnsName HQ-DC01.corp.gntech.lab
Resolve-DnsName _ldap._tcp.dc._msdcs.corp.gntech.lab -Type SRV

Reverse lookup zone

Create the reverse zone for the Servers subnet:

Add-DnsServerPrimaryZone -NetworkId "172.20.20.0/24" -ReplicationScope "Domain"

Optional Workstations reverse zone:

Add-DnsServerPrimaryZone -NetworkId "172.20.30.0/24" -ReplicationScope "Domain"

Forwarders

Example:

Set-DnsServerForwarder -IPAddress 172.20.20.1

Use the firewall as the forwarder if the OPNsense DNS Resolver is enabled.

Rule

Domain members must use AD DNS only.
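
One way to audit this rule on a domain member, as an added example that is not part of the original page. The helper name Test-AdDnsOnly is hypothetical, and the AD DNS server address is a placeholder the operator must fill in (assumed to be the address of HQ-DC01).

```powershell
# Added example (not from the original page): audit "AD DNS only" on a domain member.
# Test-AdDnsOnly is a hypothetical helper name.
function Test-AdDnsOnly {
    [CmdletBinding()]
    param(
        # IPv4 addresses of the AD DNS servers. Assumption: supplied by the operator
        # rather than resolved via DNS, so a wrong resolver cannot vouch for itself.
        [Parameter(Mandatory)]
        [string[]]$AllowedDns
    )

    # Only interfaces that actually have DNS servers configured (IPv4 only here).
    $nics = Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses.Count -gt 0 }

    foreach ($nic in $nics) {
        # Any resolver outside the allowed list breaks the rule.
        $extra = @($nic.ServerAddresses | Where-Object { $_ -notin $AllowedDns })
        [pscustomobject]@{
            Interface  = $nic.InterfaceAlias
            Configured = $nic.ServerAddresses -join ', '
            NotAdDns   = $extra -join ', '
            Compliant  = ($extra.Count -eq 0)
        }
    }
}

# Placeholder: replace with the IPv4 address of HQ-DC01.
$report = Test-AdDnsOnly -AllowedDns '<HQ-DC01-IPv4>'
$report | Format-Table -AutoSize

# The DC locator record must also resolve through the configured resolvers.
$srv = Resolve-DnsName '_ldap._tcp.dc._msdcs.corp.gntech.lab' -Type SRV -ErrorAction SilentlyContinue
if (-not $srv) { Write-Warning 'DC locator SRV record did not resolve.' }

if ($report | Where-Object { -not $_.Compliant }) {
    Write-Warning 'At least one interface uses a non-AD DNS server.'
}
```

A secondary public resolver on a member is the usual way this rule gets broken: it produces intermittent domain lookup failures and sends internal names to an outside server.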