[Samba] Disabling AAAA DNS record lookups?
Palmer, Randy
randy.palmer at FMR.COM
Mon Sep 24 20:53:50 GMT 2007
When performing a cross-domain SSH login as a member of an AllowGroups
(/etc/ssh/sshd_config) AD group, Samba does a SRV DNS lookup and then
performs DNS lookups on the 40+ kdc's reported to it.
Besides an A record lookup, an AAAA (ipv6) record lookup is performed on
each of these machines.
I disabled loading of the ipv6 module by setting "alias net-pf-10 off"
in modprobe.conf and rebooted. The ipv6 module is not loaded anymore
and the "ip a" and "ifconfig" commands do not show an inet6 addr
anymore.
However, I am still seeing the AAAA (ipv6) record lookups on my network
capture. Considering the latency involved in this particular WAN
network environment, I can forsee a reasonable performance improvement
by elminating these extraneous and unnecessary lookups.
Would anyone have any tips on how I can eliminate these AAAA DNS
lookups?
The OS is Novell SLED10 SP1. With some updates and backports compiled
in, the custom Samba version could be considered quite similar to
3.0.25c if that makes a large difference in relevancy to turning off
these lookups.
-RP
More information about the samba
mailing list