AD Dynamic DNS Updates from EdgeRouter DHCP

Today was the day that I de-commissioned DHCP on my home Active Directory servers. The one area that gave me a little trouble was figuring out how to get Dynamic DNS for clients working with AD DNS. All of the guidance I could find was for BIND.

Here are the commands I used:

set service dhcp-server use-dnsmasq disable
set service dhcp-server dynamic-dns-update enable true
set service dhcp-server global-parameters 'ddns-updates on;'
set service dhcp-server global-parameters 'update-static-leases on;'
set service dhcp-server shared-network-name LAN shared-network-parameters 'ddns-rev-domainname="in-addr.arpa.";'
set service dhcp-server shared-network-name LAN shared-network-parameters 'ddns-domainname="AD-DOMAIN-NAME.";'

Replace LAN with the name of the DHCP server instance on the EdgeRouter, and AD-DOMAIN-NAME with your AD domain (note the trailing period). The " are necessary to escape the quotation marks within the CLI — make sure to copy those as-is.

Breaking this down step-by-step:

set service dhcp-server use-dnsmasq disable

This configures the ER to use ISC’s DHCPd instead of dnsmasq.

set service dhcp-server dynamic-dns-update enable true
set service dhcp-server global-parameters 'ddns-updates on;'
set service dhcp-server global-parameters 'update-static-leases on;'

I’m not sure the first one is necessary here, but we’re configuring DHCP to perform DNS updates on clients’ behalf and to include static DHCP clients.

set service dhcp-server shared-network-name LAN shared-network-parameters 'ddns-rev-domainname="in-addr.arpa.";'
set service dhcp-server shared-network-name LAN shared-network-parameters 'ddns-domainname="AD-DOMAIN-NAME.";'

Finally, we configure each DHCP scope for updates to the forward and reverse zones.

Chromebooks May be Habit-forming

I’ve recently discovered Chromebooks:

2017-08-08 15.53.46

Ok, it’s not like I just heard about them, but it was over the past few weeks that I realized they can serve a useful purpose.

  1. I needed a cheap portal serial terminal. Beagle Term and a cheap USB -> RJ45 serial cable fit the bill perfectly.
  2. I wanted a device to leave at my girlfriend’s for casual use. Never cared to Android tablets, didn’t want to spend real money on an iPad or a Windows tablet with a decent CPU. The Chromebook works nicely for this.
  3. The girlfriend’s kids have started 3rd grade and need access to a computer for school assignments. Was going to give them one of these Chromebooks… but she’d prefer they use something not portable and eventually I snagged a good eBay deal on an LG Chromebase instead.
  4. My mother needs access to a computer. For both her and the kids, giving them a computing environment that’s real difficult to screw up is high on the priority list. ChromeOS is perfect for this.

My Chromebook of choice is the Asus C300SA — 3lbs, 13.3″ screen, 4GB RAM, and a legit 10+ hours of battery life. The best part is that Amazon regularly offers reboxed returns at a low price, I’ve picked up four for $100-$115/ea.

Weak points are the sub-1080p display, non-backlit keyboard, and of course, the N3060 dual-core CPU (~989 CPU Mark score). Not gonna sugar-coat it, this thing strains under the load of 10-20 browser tabs I routinely have open… but it does far better than those cheap Windows tablets on Z-series Atom quad-cores.

Apps are also a weakness. For the kids and mom, the browser is all they really need. For myself… I need more, and I’m not real impressed with the selection and quality of what’s available in the Chrome Store in the categories I care about. I don’t want to go the Crouton / Linux route either, as that disables many of the security features of ChromeOS. I think I’d be happiest using the Chromebooks as thin clients to Windows. Guacamole and the various Chrome RDP clients haven’t been appealing to me from a UX perspective, so I’ll be digging into Horizon next.

Regardless, for $100-ish the Pros far outweigh the Cons. They’re not good enough to be my only PC, but they are good enough to be the only PC that I take with me.