[IT_cog_MD]

First thanks to eibgrad he helped me get this far.

I have read a few articles but cannot seem to get this working. I am sure it has to do with setup and traffic.

in pictures and stuff please ignore the AsusServer and AsusTS things. The references i found had me put those in and i havent removed them incase i need them and i just haven't implemented them correctly.

Resources:
http://wadihzaatar.com/?p=11
https://dd-wrt.com/wiki/index.php/DNSMasq_using_alternative_DNS-Servers
Others i lost during surfing.

Need: Have computer A ping ComputerB using name not IP.

Setup
(ComputerA) -> (OpenVPN Client) -> (Primary ISP Router) -> (Internet) -> (Primary ISP Router) -> (OpenVPN Server) -> (ComputerB)

Computer A:
IP: 192.168.11.6

OpenVPN Client:
LAN IP:192.168.11.67
OpenVPN IP: 10.8.0.2
Setup WAP: WAN Disabled, DHCP Server Disabled, DNSMasq Enabled(See image for settings)

Primary ISP Router[Client Side]:
LAN IP:192.168.11.1
Static Routes:
192.168.1.0/24 192.168.11.67
10.8.0.0/24 192.168.11.67
DHCP Server Enabled

Primary ISP Router[Server Side]:
LAN IP:192.168.1.1
Static routes:
192.168.11.0/24 192.168.1.64
10.8.0.0/24 192.168.1.64
DHCP Server Enabled
DNS Server: 192.168.1.82 (I have a DC acting as the DNS for the server side. If the local DNS cant find it, it forwards it to Primary ISP Router.)

OpenVPN Server:
LAN IP:192.168.1.64
OpenVPN IP: 10.8.0.1
Setup WAP: WAN Disabled, DHCP Server Disabled, DNSMasq Enabled(See image for settings)

ComputerB:
LAN IP: 192.168.1.81

Currently I can ping across using IP addresses. So ComputerA can ping 192.168.1.81 and get a response, and vice versa.

I know my goal is this from ComputerA[client side]
1) check local DNS for name
2) check server DNS for name
3) pass to client/server side fallback [primary ISP router]

I only care about step 3 with regards to which is used if that also directs traffic. I do not want internet traffic from client to be tunneled thru the server to get to the internet. It can use its own ISP to get internet. I don't need to bog down the server with youtube videos.

This is from Client side router

[IT_cog_MD]

Also When I am connected to the server router, even though the router, I cannot ping ComputerB from the server router itself.

on Server router
cat /etc/resolv.conf
results:
192.168.1.64 [itself]

cat /tmp/resolve.dnsmasq
results:
nameserver 192.168.1.82 [DNS]
nameserver 192.168.1.1 [ISP Primary Router]

I was looking at this
https://www.dd-wrt.com/wiki/index.php/DNSMasq_Local_Network

It seems to be somewhat what i am looking for. Clearly i need to be able to direct a DNS request to my main domain. domain.net. So i added to additional config
domain=domain.net
expand-hosts

I also tried adding the following and restarting the router. 1 at a time not both at the same. and sure if i ping domain.net it works, but not COmputerB or COmpuyterB.domain.net.
server=/domain.net/192.168.1.82
address=/domain.net/192.168.1.82

how do i get the router to to look at the domain i guess what it boils down to because right now it is not seeing that even though i have the ip of the DNS shows up in the /tmp/resolvdnsmasq file

if I add the following tot he DNSMasq additional config
address=/ComputerB/192.168.1.81

i am sure it will work, but i dont want to do that for 50 computers. I feel there is something simple i am missing

[IT_cog_MD]

That is what i was thinking. I was trying all those commands as you have written, but it revolves around the dd-wrt being the DNS.

On the server side I have, as you stated, i have a ubuntu server running an active domain which i want to tap in to.

Your method is what i was hoping to avoid. Going through and basically manually assigning item names and IP addresses. However, my little experience with this am curious if it will do exactly what i need.

For instance, I manually assign each computer name with its address within the DNSMasq configuration as you have written, would it actually relay information. So if i ping computerA will it translate and ping its address so i can get a proper ping response. or if i RDP to computerA will i actually be able to RDP to it?

I went on a short vacation and do not have internet to really test this until sunday when i return. I will attempt to do your suggestion and just see if it does what i need when i return. I dont mind going through and doing the manual assignments if it will do what i need.

[IT_cog_MD]

I fully understand what is trying to be done.

So my actual DNS server is at 192.168.1.82 and its domain is mydomain.net. and i would log on using MYDOMAIN\username

For now I only really care about getitng he client to be able to contact the server.

So in the Client i put the following

[IT_cog_MD]

the server side is a Ubuntu DC. The client side has no DC, it is just using the ISP router as its DNS. I only need DC functionality at the server site.

With regard to the firewall on the server side I do have SPI firewall enabled, but among all those settings is there a specific combination i need or something specifically checked/unchecked? It is all default right now.

In the router, do i need to open a DNS port forward to the server router for port 53 DNS requests?

Also, with the server directive, should i be able to see this added to the /tmp/resolv.dnsmasq file?

[IT_cog_MD]

I can ping computer on the server but not computer.mydomain.com. So i think that is my first issue.

And i am using Ubuntu, but as an active directory and then using windows AD control software to maintain it.

ANother oddity, i just tried to do on the server side nslookup 192.168.1.70 and it came back with unable to find IP, non existant domain.

Edit: Ok the non-existant domain is because of the Ubuntu running an AD and me using windows AD control. It appears there ar eno reverse name lookups within the AD setp by Ubuntu. I think i can solve the nslookup issue by making a reverse lookup zone. But need to research a lot before i do that. Dont want to blow up the current DC. I dont have a redundant system.