[Samba] some DNS trouble ...

moss.mose at gmail.com moss.mose at gmail.com
Thu Feb 28 02:57:35 MST 2013

For all the nice people in the world who … maybe … run into a similar problem … 
Thank's to some help from Gregory Sloop here is the solution to my problem: 

The problem was that BIND did reject "non-LAN" queries to "non-local"/"non-authorative" zones ...
Thus "all" I had to do was to tell BIND explicitly to accept other sub nets as well ...
In my case I changed my VPN net from 10.x.x.n to something similar to my LAN (192.168.x.n) and allowed all sub nets

in "named.conf.option"
allow-query		{ localhost;; };
allow-query-cache	{ localhost;; };

for good measure I added as well: 
listen-on		{ any; };
(was only set for v6 in my conf … this didn't do the trick though but … ;)  )


Am 26.02.2013 um 17:29 schrieb Ricky Nance <ricky.nance at weaubleau.k12.mo.us>:

> Correct me if I am wrong, but isn't it dns forwarder = (not dns forwarderS) run your config through samba-tool testparm and see if it complains.
> Ricky
> On Tue, Feb 26, 2013 at 9:11 AM, Gregory Sloop <gregs at sloop.net> wrote:
> mmgc> Well … just found that the options
> mmgc> server role
> mmgc> dns recursive queries
> mmgc> dns forwarders
> mmgc> are ignored … hmmm … well … does anyone know how to achieve the
> mmgc> desired behavior without these options ?
> Perhaps I don't understand what's going on - but are you sure your DNS
> forwarder *IS* working properly? Because if the forwarder wasn't
> servicing the DNS queries, then it would *look* like [dns forwarders]
> wasn't working.
> This came up in another thread in the last week. Make sure the DNS
> server specified in the [dns forwarders] is actually serving DNS
> queries for the AD host in question.
> It's common for BIND to be locked down so it will handle local
> queries for all requests, or remote queries for zones it's "auth" for
> - but not to handle remote requests for non-auth zones.
> [See listen-on and allow-query in BIND docs, among other things.]
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> -- 

More information about the samba mailing list