[Samba] DomainDnsZone Replication Shows 200,000 Objects

Günter Kukkukk linux at kukkukk.com
Mon Jan 13 19:56:24 MST 2014

Am 13.01.2014 23:47, schrieb Achim Gottinger:
> Am 13.01.2014 18:39, schrieb lp101:
>>     It looks like 15,000 records have been deleted over a period of 8 hours. This was after changing the attribute to 30 days. Do you know how to
>> force replication for the Domain DNS Deleted Objects? Replicating the DomainDnsZones using Samba-tool drs replicate doesn't appear to replicate these
>> objects.
>>     I've attempted to join a DC again over a 1.5Mbit Wan link using Samba 4.1.4 on Ubuntu 12.04. At this moment I'm over 19hrs in with 312355/385196
>> replicated. I joined using "--domain-critical-only" thinking it may exclude these items but I was wrong.
> Thank you for the update. Can it be you have a few sites which are not directly connected? This does slow down replication. Hope it works for you this
> time, but didn't it fail at ~350000 objects last time?

FYI - the Samba ISC BIND DLZ plugin takes a different approach.
When all child DNS entries are gone, it _leaves_ the directory storage as:
(samba-tool dns query .... output)

Name=mytest, Records=0, Children=0

So the record is _not_ deleted - more or less "left as an unused entry".
Those entries can be re-used later, but can also accumulate when not
being re-used.

As I've seen with a Windows 7 client during normal operation, it deletes
its A and AAAA records and then registers one/both again in some interval
of about 5 to 10 minutes! (Could be because I was running the MS MMC DNS plugin.)

This behavior is atm handled fine with the DLZ driver - but is somewhat FATAL
for the internal DNS server: It creates LOTS of deleted DNS entries!

So I've reverted the patch
which was deleting the whole DNS entry.

After this revert the internal DNS server behaves the same as the DLZ driver and
leaves those
   Name=mytest, Records=0, Children=0
records around - BUT THEN the current implementation is NOT able to add
new incoming records!

Atm I did a very first simple patch to the internal DNS, which allows
adding new entries in that
  Name=mytest, Records=0, Children=0
formerly failing state.

Now the internal DNS _seems_ to behave similarly to the DLZ driver, but
more investigation is needed because DNS entries can be "static" or
"time stamped" ....

So I'm still looking at all related info ....

Btw - has someone seen "strange" behavior in this area when the
DLZ driver is used?

Cheers, Günter

