Home Network Setup
-
Patient: "It hurts when I hit myself in the head."
Doctor: "Stop hitting yourself in the head." -
In a normal network, with scanners on DHCP, that isn't a Windows network, there is no such need as this, the very idea sounds so silly. Given that avoiding the Windows CALs here is automatic and the default, do you see why it's confusing that there is nothing to answer other than "don't do that?"
-
@scottalanmiller said in Home Network Setup:
Patient: "It hurts when I hit myself in the head."
Doctor: "Stop hitting yourself in the head."Just becomes a problem, if someone hits you in the head lol...
-
I know what is going on here. There is a false assumption being added, and totally unstated, and it is the bases for all of the conclusions. Ready...
A few people are assuming Active Directory here, and have never mentioned it.
-
Problem with the AD assumption:
- It is never mentioned, at all. Not even hinted at.
- Replacing DNS and DHCP alone don't fix the need to replace AD, so don't solve the CAL issue as asked.
-
@scottalanmiller said in Home Network Setup:
In a normal network, with scanners on DHCP, that isn't a Windows network, there is no such need as this, the very idea sounds so silly. Given that avoiding the Windows CALs here is automatic and the default, do you see why it's confusing that there is nothing to answer other than "don't do that?"
So you're saying the scanners go on their own network, and the windows laptop is on a separate network - so non issue, since the scanner network can use some other DHCP/DNS service that has no licensing fee?
-
@scottalanmiller said in Home Network Setup:
Here is the alternate.... on a non-Windows network, I don't want DNS listing random dynamic guests. That's the simplest solution. Windows does something I have no desire to have. Given that I don't know what purpose it serves, it's hard to figure out what you are actually looking to accomplish.
Windows DNS can be set to only allow secure dynamic updates, non secure dynamic updates, none. I think the default is secure dynamic updates.
-
@scottalanmiller said in Home Network Setup:
Problem with the AD assumption:
- It is never mentioned, at all. Not even hinted at.
- Replacing DNS and DHCP alone don't fix the need to replace AD, so don't solve the CAL issue as asked.
NO - that is an assumption now on your part - I'm talking about using Windows Server to provide DHCP and DNS. Now granted - why in the world would you do this if you don't have AD, you wouldn't, so the chances are great that AD is being used for the Windows machines, but still not really relevant to the question.
-
So, in the real world, where we work from business goals, we have two basic things we would do. Neither matches what is asked.
-
Non-AD Network (the one we are dealing with here.) There is no value or purpose to DDNS in this scenario. You have no problem to solve. Simply remove the Windows servers and go to normal, everyday DHCP and DNS. Ubiquiti, Linux VMs, everything already handle this perfectly well. There is nothing for the industry to improve here.
-
AD Network (not the scenario we are discussing.) External DNS and DHCP cannot handle the updates for this, this is a limitation of the architecture and is not related to Windows or Linux. In this case, AD itself, not DHCP, has to update DNS and in both Windows and Linux cases, does so automatically as DNS must be part of AD. This is all transparent and cannot be handled by external DNS servers. Linux via Samba4, the only way to get AD apart from Windows own AD, has both the DNS server and the AD-pushed updates to it all included in the same package, all working out of the box as it has to by definition in being an AD replacement. So in this scenario, there is nothing to change or configure and would be handled automatically when needed by the nature of having implemented AD.
-
-
@black3dynamite said in Home Network Setup:
@scottalanmiller said in Home Network Setup:
Here is the alternate.... on a non-Windows network, I don't want DNS listing random dynamic guests. That's the simplest solution. Windows does something I have no desire to have. Given that I don't know what purpose it serves, it's hard to figure out what you are actually looking to accomplish.
Windows DNS can be set to only allow secure dynamic updates, non secure dynamic updates, none. I think the default is secure dynamic updates.
We've dropped the dynamic update/DDNS from the discussion at this point, since Scott is calling it a red herring.
-
@dashrender said in Home Network Setup:
@scottalanmiller said in Home Network Setup:
Problem with the AD assumption:
- It is never mentioned, at all. Not even hinted at.
- Replacing DNS and DHCP alone don't fix the need to replace AD, so don't solve the CAL issue as asked.
NO - that is an assumption now on your part - I'm talking about using Windows Server to provide DHCP and DNS.
If you are talking about that, then you already know your answer. Stop using them. Problem solved. Your question makes no sense without AD. It serves no purpose.
-
@scottalanmiller said in Home Network Setup:
So, in the real world, where we work from business goals, we have two basic things we would do. Neither matches what is asked.
- Non-AD Network (the one we are dealing with here.) There is no value or purpose to DDNS in this scenario. You have no problem to solve. Simply remove the Windows servers and go to normal, everyday DHCP and DNS. Ubiquiti, Linux VMs, everything already handle this perfectly well. There is nothing for the industry to improve here.
Well DDNS could have value if you want to manage your devices by name, not IP address, but otherwise - fine.
-
@dashrender said in Home Network Setup:
@scottalanmiller said in Home Network Setup:
In a normal network, with scanners on DHCP, that isn't a Windows network, there is no such need as this, the very idea sounds so silly. Given that avoiding the Windows CALs here is automatic and the default, do you see why it's confusing that there is nothing to answer other than "don't do that?"
So you're saying the scanners go on their own network, and the windows laptop is on a separate network - so non issue, since the scanner network can use some other DHCP/DNS service that has no licensing fee?
I have no idea what you are talking about now. I've said nothing of the sort. There is zero need for the things you are asking for, there is no need for "different networks" or anything like that. Just stop trying to use DDNS and everything is fixed instantly.
-
@dashrender said in Home Network Setup:
@scottalanmiller said in Home Network Setup:
So, in the real world, where we work from business goals, we have two basic things we would do. Neither matches what is asked.
- Non-AD Network (the one we are dealing with here.) There is no value or purpose to DDNS in this scenario. You have no problem to solve. Simply remove the Windows servers and go to normal, everyday DHCP and DNS. Ubiquiti, Linux VMs, everything already handle this perfectly well. There is nothing for the industry to improve here.
Well DDNS could have value if you want to manage your devices by name, not IP address, but otherwise - fine.
How would that work? What use case is there for that?
-
All this said, of course you can do it. It's just a silly thing to want and doesn't, AFAIK, serve any purpose. But here is a quick guide if you really wanted DHCP to do these updates for you.
-
Help me understand, are we talking about allowing untrusted clients to update to the DNS server or not allow any clients to update to the DNS server?
-
@black3dynamite said in Home Network Setup:
@scottalanmiller said in Home Network Setup:
Here is the alternate.... on a non-Windows network, I don't want DNS listing random dynamic guests. That's the simplest solution. Windows does something I have no desire to have. Given that I don't know what purpose it serves, it's hard to figure out what you are actually looking to accomplish.
Windows DNS can be set to only allow secure dynamic updates, non secure dynamic updates, none. I think the default is secure dynamic updates.
That's the other way around. The point is to update non-Windows DNS, not to update Windows DNS. The plan here is to remove all Windows Servers so that no CALs are needed.
-
@black3dynamite said in Home Network Setup:
Help me understand, are we talking about allowing untrusted clients to update to the DNS server or not allow any clients to update to the DNS server?
We are talking about some unknown clients updating either BIND or Samba DNS.
-
@scottalanmiller said in Home Network Setup:
@dashrender said in Home Network Setup:
@scottalanmiller said in Home Network Setup:
So, in the real world, where we work from business goals, we have two basic things we would do. Neither matches what is asked.
- Non-AD Network (the one we are dealing with here.) There is no value or purpose to DDNS in this scenario. You have no problem to solve. Simply remove the Windows servers and go to normal, everyday DHCP and DNS. Ubiquiti, Linux VMs, everything already handle this perfectly well. There is nothing for the industry to improve here.
Well DDNS could have value if you want to manage your devices by name, not IP address, but otherwise - fine.
How would that work? What use case is there for that?
When I look at my Unifi controller, I like to see host names of my devices, not the mac addresses, because the mac is meaningless to me. So having the controller get the DNS name would be nice.. you don't see that?
-
@black3dynamite said in Home Network Setup:
Help me understand, are we talking about allowing untrusted clients to update to the DNS server or not allow any clients to update to the DNS server?
OMG NO - we dropped the dymanic portion of this conversation 10 mins ago!
