[Samba] Multiple A records on my parent domain name are confusing hosts

Andrew Bartlett abartlet at samba.org
Fri Oct 11 13:24:29 MDT 2013


On Tue, 2013-10-08 at 10:23 -0700, Scott Goodwin wrote:
> I'm using Samba 4.0.9, Bind 9.9.4 w/ dlz
> 
> My domain is example.com
> My Samba4 server is myserver.example.com
> myserver has two nics: 10.10.10.5 and 192.168.10.2
> My externally hosted web site is www.example.com, and is hosted at
> 123.123.123.123
> I have an A and CNAME in DNS like so:
> 
>  @     A      123.123.123.123
> www   CNAME  example.com.
> 
> The above allows internal web browsers to access the external site via
> www.example.com or example.com. This works great.
> 
> The problem is that every ten minutes when samba's dns update happens, it
> keeps putting the following two entries in, which points internal hosts to
> the dns server, instead of the externally hosted web site:
> @     A      10.10.10.5
> @     A      192.168.10.2
> 
> 
> Why do these keep showing up?  I'm sure there is a place that the info is
> coming from, but I don't know where, and I desperately need to prevent this
> from happening.  I mean, don't get me wrong, I realize what the records
> mean, but what I'm trying to do is prevent them from repopulating and
> preventing my internal hosts from browsing the web site.  I didn't have
> this problem when I could edit the bind files directly, but now that I'm
> using bind_dlz for samba, I'm a little lost.

The issue is that Samba controls that name, and tries to set it to match
the network interfaces of the DC, because AD clients may (few actually
do, in this specific case) use this name to find a DC.  See
dns_update_list. 

I suggest breaking the CNAME and not using example.com to find your
website internally. 

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
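
The effect of the suggestion above, as an added example that is not part of the original message or of Samba's code: a small resolver over constructed records built from the values in the thread shows that while www is a CNAME to the apex it inherits the DC interface addresses Samba keeps registering there, and that giving www its own A record removes them. The function names and the record tuples are assumptions made for illustration.

```python
import ipaddress

# Constructed records using the values in the thread: the apex A record for
# the external site, the two A records Samba re-registers for the DC's
# interfaces, and the www CNAME that points at the apex.
ZONE_WITH_CNAME = [
    ("example.com.", "A", "123.123.123.123"),
    ("example.com.", "A", "10.10.10.5"),
    ("example.com.", "A", "192.168.10.2"),
    ("www.example.com.", "CNAME", "example.com."),
]

# Same zone after breaking the CNAME: www gets its own A record instead.
ZONE_WITH_A = ZONE_WITH_CNAME[:3] + [("www.example.com.", "A", "123.123.123.123")]

DC_INTERFACES = ["10.10.10.5", "192.168.10.2"]


def resolve(zone, name, depth=0):
    """Return every address a client may receive for `name`, following CNAMEs."""
    if depth > 8:  # guard against CNAME loops
        raise ValueError("CNAME chain too long for " + name)
    addrs = set()
    for owner, rtype, value in zone:
        if owner != name:
            continue
        if rtype == "A":
            addrs.add(value)
        elif rtype == "CNAME":
            addrs |= resolve(zone, value, depth + 1)
    return addrs


def names_reaching_dc(zone, dc_addrs):
    """Map each name whose answers include a DC interface to those addresses."""
    dc = {ipaddress.ip_address(a) for a in dc_addrs}
    report = {}
    for name in sorted({owner for owner, _, _ in zone}):
        hits = {a for a in resolve(zone, name) if ipaddress.ip_address(a) in dc}
        if hits:
            report[name] = sorted(hits)
    return report


if __name__ == "__main__":
    for label, zone in (("CNAME to apex", ZONE_WITH_CNAME), ("own A record", ZONE_WITH_A)):
        print(label, names_reaching_dc(zone, DC_INTERFACES))
```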



