DNS updates using nsupdate are not working!
Andreas Schneider
asn at samba.org
Sun Sep 14 09:50:10 MDT 2014
On Friday 12 September 2014 15:58:09 Rowland Penny wrote:
> > 127.0.0.21 is the IP of the DC in 'make test'.
>
> Ah, but you never mentioned that you were using bind etc in a test
> environment. you just basically said bind9.9.5 couldn't update samba4 dns.
We do not run bind in our test environment, but samba_dnsupdate uses nsupdate
which is a bind utility.
> > Windows 2008:
> >
> > asn at magrathea:~> dig -t SOA discworld.site
>
> Hmm, I suspect a science fiction fan here ;-)
>
> > ; <<>> DiG 9.9.5-rpz2+rl.14038.05-P1 <<>> -t SOA discworld.site
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31776
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
> >
> > ;; OPT PSEUDOSECTION:
> > ; EDNS: version: 0, flags:; udp: 4000
> > ;; QUESTION SECTION:
> > ;discworld.site. IN SOA
> >
> > ;; ANSWER SECTION:
> > discworld.site. 3600 IN SOA dwad1.discworld.site.
> > hostmaster.discworld.site. 236 900 600 86400 3600
> >
> > ;; ADDITIONAL SECTION:
> > dwad1.discworld.site. 3600 IN A 192.168.100.10
> >
> > ;; Query time: 0 msec
> > ;; SERVER: 127.0.0.1#53(127.0.0.1)
> > ;; WHEN: Fri Sep 12 16:24:17 CEST 2014
> > ;; MSG SIZE rcvd: 112
>
> on my DC:
>
> root at dc01:~# dig -t SOA example.com
>
> ; <<>> DiG 9.9.5-4~bpo70+1-Debian <<>> -t SOA example.com
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62908
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;example.com. IN SOA
>
> ;; ANSWER SECTION:
> example.com. 3600 IN SOA dc01.example.com.
> hostmaster.example.com. 17 900 600 86400 0
>
> ;; AUTHORITY SECTION:
> example.com. 900 IN NS dc01.example.com.
>
> ;; ADDITIONAL SECTION:
> dc01.example.com. 900 IN A 192.168.0.2
>
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Fri Sep 12 15:42:43 BST 2014
> ;; MSG SIZE rcvd: 119
>
> Only major difference I can see, is that I have an authority section
The problem doesn't exist with a Windows DC but with a Samba DC which doesn't
have the correct SOA entry as you can see in the next lines ...
> > Samba DC in :make testenv':
> >
> > dig @127.0.0.21 -t SOA samba.example.com
> > ;; reply from unexpected source: 127.0.0.21#53, expected 127.0.0.21#53
> > ;; reply from unexpected source: 127.0.0.21#53, expected 127.0.0.21#53
> > ;; reply from unexpected source: 127.0.0.21#53, expected 127.0.0.21#53
> >
> > ; <<>> DiG 9.9.5-rpz2+rl.14038.05-P1 <<>> @127.0.0.21 -t SOA
> > samba.example.com ; (1 server found)
> > ;; global options: +cmd
> > ;; connection timed out; no servers could be reached
>
> I don't have a testenv so couldn't do this, but could I ask why
> '127.0.0.21' ?
See http://cwrap.org/
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the samba-technical
mailing list