How to get DNS replication working properly?

[Mike Howard]

On 24/06/2012 12:05, Morten Kramer wrote:
> On 06/24/2012 01:01 PM, Andrew Bartlett wrote:
>> On Sun, 2012-06-24 at 10:33 +0100, Mike Howard wrote:
>>> On 24/06/2012 08:35, Andrew Bartlett wrote:
>>>> On Fri, 2012-06-22 at 17:32 +0200, Morten Kramer wrote:
>>>>> Hi all,
>>>>>
>>>>>
>>>>> I've been trying to get DNS replication to work for a few days now.
>>>>>
>>>>>
>>>>> What I've done:
>>>>> - Compile Samba (Beta1/Beta2/recent git pull) under Centos 6.2 x64
>>>>> Any help will be greatly appreciated!
>>>> Could you both please try
>>>>
>>>> git://git.samba.org/abartlet/samba.git fix-dns-replication
>>>>
>>>> If you start with that, for a new join, it should do the 
>>>> replication of
>>>> the DNS partitions.  Otherwise, follow the steps you took.
>>>>
>>>> Please let me know if this works, so I can get this in to master to
>>>> assist others.
>>>>
>>>> Andrew Bartlett
>>>>
>>> I tried the two patches you posted the other day and using the internal
>>> dns server got replication to work.
>>>
>>> There was a minor issue of the secondary dc's details were not added to
>>> the primary's dns at all. Easily added manually though. The SOA doesn't
>>> include the secondary ns info
>>>
>>> Thanks for the hard work..
>> Thanks for the confirmation!
>>
>> The reason that the secondary DC isn't enrolled in DNS is that the
>> internal DNS server does not support dynamic updates (yet, Kai is still
>> working on it).
>>
>> Andrew Bartlett
>>
>
> Interesting,
>
>
> So should I use the internal DNS or Bind DLZ? Does it matter?
>
>

The internal server does not support secure dynamic updates yet, so if 
you want secure dynamic updates, go with bind_dlz. Linux clients have a 
hard time with that though, so, if you have linux clients and don't 
_need_ secure updates, go with samba_internal. Just my opinion of course.
-- 
Any question is easy if you know the answer!