If you have a router running the dd-wrt firmware and have configured Active Directory internally, you’ll need to set a few options to make things work. The goal is to use the router for general DNS queries through the ISP (or public) DNS servers, as well as the static leases function from DNSMasq, while routing AD DNS requests through the Windows Server. This is good for a workbench or internal test setup where you still want the primary DNS on the router to keep other users happy while you test AD.
In this example, we are using a Buffalo WZR-HP-G300NH2 router with v24-sp2 (build 21223). I have created an NS record for ad.mnnguyen.com to point to my network at home and opened up port 53 in the firewall so that it can get through.
The router needs to have this line in the “Additional DNSMasq Options” box:
Here ad.mnnguyen.com is the DNS suffix for AD that you want to use, and the IP is that of the AD DNS server.
You also need to turn off “No DNS Rebind”.
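The following is an added example of what the “Additional DNSMasq Options” box can contain for this setup; it is not the line from the original post. It uses the ad.mnnguyen.com suffix from the text, and the server address 192.0.2.10 is a constructed placeholder for the Windows AD DNS server. It also goes slightly beyond the post: instead of turning off “No DNS Rebind” for every domain (which disables dd-wrt’s `stop-dns-rebind` protection globally), it keeps rebind protection on and whitelists only the AD zone, which is the only domain that legitimately answers with private addresses.

```conf
# Send every query for ad.mnnguyen.com (and its subdomains, e.g. _ldap._tcp.ad.mnnguyen.com)
# to the Windows AD DNS server. All other names still go to the ISP/public upstreams
# configured on the router. 192.0.2.10 is a placeholder; use your DC's address.
server=/ad.mnnguyen.com/192.0.2.10

# Keep dd-wrt's "No DNS Rebind" protection (stop-dns-rebind) enabled globally, but
# allow private (RFC 1918) answers for the AD zone only. Without this exception
# dnsmasq would drop the DC's internal answers and AD lookups would fail.
rebind-domain-ok=/ad.mnnguyen.com/
```

If you prefer to follow the post exactly and untick “No DNS Rebind”, the `rebind-domain-ok` line is unnecessary; the narrower exception is the choice that keeps rebind attacks against other internal hosts blocked while still letting the AD zone resolve. Verify from a client with `nslookup -type=SRV _ldap._tcp.ad.mnnguyen.com <router-ip>`: the answer should come back from the router but contain the DC’s records.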