How to get DNS replication working properly?

[Andriy Syrovenko]

2012/6/24 simo <idra at samba.org>

> > The internal server does not support secure dynamic updates yet, so if
> > you want secure dynamic updates, go with bind_dlz. Linux clients have a
> > hard time with that though, so, if you have linux clients and don't
> > _need_ secure updates, go with samba_internal. Just my opinion of course.
>
> What problem would Linux clients have ?
>
> In my experience GSS-TSIG updates work just fine.
>

In my experience Samba 3.6.5 (as well as 3.5.x before) constantly fails
DDNS updates against BIND_DLZ (as well as BIND with flat files) with "DNS
update failed!". The following patch fixes the problem for me. Please note
though that I don't actually understand what the patch does- I just
commented out the condition that I found to always fail. :)


diff -urN samba-3.6.5/lib/addns/dnsgss.c
samba-3.6.5.fixed/lib/addns/dnsgss.c
--- samba-3.6.5/lib/addns/dnsgss.c    2012-04-27 21:25:33.000000000 +0300
+++ samba-3.6.5.fixed/lib/addns/dnsgss.c    2012-05-12 23:47:50.000000000
+0300
@@ -175,7 +175,7 @@
              * TODO: Compare id and keyname
              */

-            if ((resp->num_additionals != 1) ||
+            if (/*(resp->num_additionals != 1) ||*/
                 (resp->num_answers == 0) ||
                 (resp->answers[0]->type != QTYPE_TKEY)) {
                 err = ERROR_DNS_INVALID_MESSAGE;


Regards,
Andrey
-------------- next part --------------
A non-text attachment was scrubbed...
Name: samba-3.6.5-addns.patch
Type: application/octet-stream
Size: 502 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120624/d4f5ab36/attachment.obj>