making samba internal DNS "site" aware for some queries
David Mansfield
samba at dm.cobite.com
Thu Apr 18 14:32:18 MDT 2013
When a DNS query for _kerberos._tcp.samdom.example.com (and possibly
others) is processed by samba4, the answers appear to be in the same
order regardless of which DC is queried (when internal DNS is used).
It to me that either:
- each DC should put itself first
- the "site" subnets should be consulted based on the requestor's IP
address and the matching DC should be put first
Why this matters:
If the following fragment is in krb5.conf:
[libdefaults]
dns_lookup_kdc = true
The client will never use the "closest" DC for kerberos AFAIK (although
it will for winbind).
So here are questions:
1) is the current behavior expected?
2) is my suggested behavior allowed?
3) is my suggested behavior desirable?
4) what source code would I look at to implement, assuming #2 and #3 are
both "yes"?
--
Thanks,
David Mansfield
Cobite, INC.
More information about the samba-technical
mailing list