[Samba] howto test ddns

steve steve at steve-ss.com
Sat Aug 9 01:03:26 MDT 2014


On Sat, 2014-08-09 at 04:46 +0100, shadrock uhuru wrote:
> Hi everyone
> 
> > >/ i'm still wondering , should i reprovision for bind dns and forego the
> > />/ internal dns ?
> > /
> > No need to re-provision. Switch to bind9 if you like and just use the
> > dbs you already have.
> 
> 
> i switched to bind using samba_upgradedns,
> i had to lower the bind version to 9.9.8 from 10
> added a few configuration changes,
> rebooted and tested.
> 
> # nsupdate -g -D -d
> setup_system()
> reset_system()
> user_interaction()
> > server 10.2.1.6
> do_next_command()
> > realm TISSISAT.CO.UK
> do_next_command()
> > update delete testserver.tissisat.co.uk in A
> do_next_command()
> evaluate_update()
> update_addordelete()
> > update delete testserver.tissisat.co.uk in AAAA
> do_next_command()
> evaluate_update()
> update_addordelete()
> > update add testserver.tissisat.co.uk 3600 in A 10.2.1.70
> do_next_command()
> evaluate_update()
> update_addordelete()
> > send
> do_next_command()
> start_update()
> recvsoa()
> About to create rcvmsg
> show_message()
> Reply from SOA query:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:   5846
> ;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;testserver.tissisat.co.uk.    IN    SOA
> 
> ;; AUTHORITY SECTION:
> tissisat.co.uk.        0    IN    SOA    ashanti.tissisat.co.uk.
> hostmaster.tissisat.co.uk. 13 900 600 86400 0
> 
> Found zone name: tissisat.co.uk
> The master is: ashanti.tissisat.co.uk
> start_gssrequest
> send_gssrequest
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  37310
> ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> ;; QUESTION SECTION:
> ;1256015208.sig-ashanti.tissisat.co.uk. ANY TKEY
> 
> ;; ADDITIONAL SECTION:
> 1256015208.sig-ashanti.tissisat.co.uk. 0 ANY TKEY gss-tsig. 1407553091
> 1407553091 3 NOERROR 1371
> YIIFVwYGKwYBBQUCoIIFSzCCBUegDTALBgkqhkiG9xIBAgKiggU0BIIF
> [snip]
> 726FWzrRFrt9CMoq8UVk/tsPwOx8lhXktRx7pTrc+W2hXQGN/CuTjsdg
> rqXlKRwo96iZkCB301OnSzg/i1KnuPPbB2ET9FVxyRzTCJXkoHil6hcl
> cYvdt883KubDR2MD5W1Wotn3NqmYhMomvdk0 0
> 
> Out of recvsoa
> recvgss()
> recvgss creating rcvmsg
> show_message()
> recvmsg reply from GSS-TSIG query
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  37310
> ;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;1256015208.sig-ashanti.tissisat.co.uk. ANY TKEY
> 
> ;; ANSWER SECTION:
> 1256015208.sig-ashanti.tissisat.co.uk. 0 ANY TKEY gss-tsig. 1407553091
> 1407556691 3 NOERROR 182
> oYGzMIGwoAMKAQChCwYJKoZIhvcSAQICooGbBIGYYIGVBgkqhkiG9xIB
> ZEcR4G9sH+14w8N3oQ+YaJZgWrru3oriKn4EEW8PPARdVVY1Fbz/aak3
> bXQPqs33kWIp3jH29wM= 0
> 
> send_update()
> Sending update to 10.2.1.6#53
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:   9117
> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 3, ADDITIONAL: 1
> ;; UPDATE SECTION:
> testserver.tissisat.co.uk. 0    ANY    A   
> testserver.tissisat.co.uk. 0    ANY    AAAA   
> testserver.tissisat.co.uk. 3600    IN    A    10.2.1.70
> 
> ;; TSIG PSEUDOSECTION:
> 1256015208.sig-ashanti.tissisat.co.uk. 0 ANY TSIG gss-tsig. 1407553091
> 300 28 BAQE//////8AAAAAOlU6UWyJSxFj4U87ks2Cxw== 9117 NOERROR 0
> 
> Out of recvgss
> update_completed()
> tsig verification successful
> show_message()
> 
> Reply from update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:   9117
> ;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
> ;; ZONE SECTION:
> ;tissisat.co.uk.            IN    SOA
> 
> ;; TSIG PSEUDOSECTION:
> 1256015208.sig-ashanti.tissisat.co.uk. 0 ANY TSIG gss-tsig. 1407553092
> 300 28 BAQF//////8AAAAAJ/rn/t7a44Hd20jMXXr9nQ== 9117 NOERROR 0
> 
> done_update()
> reset_system()
> user_interaction()
> > quit
> do_next_command()
> cleanup()
> Shutting down task manager
> shutdown_program()
> Shutting down request manager
> Destroy DST lib
> Destroying request manager
> Freeing the dispatchers
> Shutting down dispatch manager
> Destroying event
> Shutting down socket manager
> Shutting down timer manager
> Destroying hash context
> Destroying name state
> Removing log context
> Destroying memory context
> 
> # host testserver
> testserver.tissisat.co.uk has address 10.2.1.70
> 
> # nsupdate -g -D -d
> setup_system()
> reset_system()
> user_interaction()
> > server 10.2.1.6
> do_next_command()
> > realm TISSISAT.CO.UK
> do_next_command()
> > update add 70.1.2.10.in-addr.arpa 600 IN PTR testserver.tissisat.co.uk
> do_next_command()
> evaluate_update()
> update_addordelete()
> > send
> do_next_command()
> start_update()
> recvsoa()
> About to create rcvmsg
> show_message()
> Reply from SOA query:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:  28338
> ;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;70.1.2.10.in-addr.arpa.        IN    SOA
> 
> ;; AUTHORITY SECTION:
> 1.2.10.in-addr.arpa.    0    IN    SOA    ashanti.tissisat.co.uk.
> hostmaster.tissisat.co.uk. 14 900 600 86400 3600
> 
> Found zone name: 1.2.10.in-addr.arpa
> The master is: ashanti.tissisat.co.uk
> start_gssrequest
> send_gssrequest
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  65277
> ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> ;; QUESTION SECTION:
> ;610528237.sig-ashanti.tissisat.co.uk. ANY TKEY
> 
> ;; ADDITIONAL SECTION:
> 610528237.sig-ashanti.tissisat.co.uk. 0    ANY TKEY gss-tsig. 1407553750
> 1407553750 3 NOERROR 1371
> YIIFVwYGKwYBBQUCoIIFSzCCBUegDTALBgkqhkiG9xIBAgKiggU0BIIF
> [snip]
> W2bjrv/ctjVsl07yodI5q4VeaagjF6ruKKrmcrdGNXK3vSxFGjaXz6a+
> oNrxvYUFSdRT0dWGRKgdSZJ0s5hTk2BBK2+X 0
> 
> Out of recvsoa
> recvgss()
> recvgss creating rcvmsg
> show_message()
> recvmsg reply from GSS-TSIG query
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  65277
> ;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;610528237.sig-ashanti.tissisat.co.uk. ANY TKEY
> 
> ;; ANSWER SECTION:
> 610528237.sig-ashanti.tissisat.co.uk. 0    ANY TKEY gss-tsig. 1407553750
> 1407557350 3 NOERROR 182
> oYGzMIGwoAMKAQChCwYJKoZIhvcSAQICooGbBIGYYIGVBgkqhkiG9xIB
> ljVOlorfpvNfSIq719S+lFRgOcJGoDm94Sulc7kio9vuO3J+rmU91mnt
> JY4pOrhX8vv4A32lYm0= 0
> 
> send_update()
> Sending update to 10.2.1.6#53
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  53730
> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
> ;; UPDATE SECTION:
> 70.1.2.10.in-addr.arpa.    600    IN    PTR    testserver.tissisat.co.uk.
> 
> ;; TSIG PSEUDOSECTION:
> 610528237.sig-ashanti.tissisat.co.uk. 0    ANY TSIG gss-tsig. 1407553750
> 300 28 BAQE//////8AAAAACetnYOrN8nzfMSSS55pq4g== 53730 NOERROR 0
> 
> Out of recvgss
> update_completed()
> tsig verification successful
> show_message()
> 
> Reply from update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  53730
> ;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
> ;; ZONE SECTION:
> ;1.2.10.in-addr.arpa.        IN    SOA
> 
> ;; TSIG PSEUDOSECTION:
> 610528237.sig-ashanti.tissisat.co.uk. 0    ANY TSIG gss-tsig. 1407553751
> 300 28 BAQF//////8AAAAAKihMzjSCi/QswoLwRryhdQ== 53730 NOERROR 0
> 
> done_update()
> reset_system()
> user_interaction()
> > quit
> do_next_command()
> cleanup()
> Shutting down task manager
> shutdown_program()
> Shutting down request manager
> Destroy DST lib
> Destroying request manager
> Freeing the dispatchers
> Shutting down dispatch manager
> Destroying event
> Shutting down socket manager
> Shutting down timer manager
> Destroying hash context
> Destroying name state
> Removing log context
> Destroying memory context
> 
> # host 10.2.1.70
> 70.1.2.10.in-addr.arpa domain name pointer testserver.tissisat.co.uk.
> 
> 
> -----------------------------
> 
> looks like ddns is as it should be ,
> setting off now on my journey through the all the logs checking for errors,
> see ya when i get back,
> many thanks
> shadrock
And: ¡BINGO! Well done. I'd now put good money on sssd updating A, AAAA
and PTR from testserver.
Cheers,
Steve





More information about the samba mailing list