[Samba] SOLVED dnscache in front of samba4 internal dns (was: Re: Samba internal DNS + 2nd DNS)

Greg Zartman gzartman at koozali.org
Thu Nov 13 19:10:12 MST 2014

On Sun, Oct 26, 2014 at 11:37 PM, Greg Zartman <gzartman at koozali.org> wrote:

> I'm working to set up Samba4 and my current CentOS server deployment uses
> TinyDNS/DNSCache for the DNS.  Understanding that it is best to use Samba's
> internal DNS for AD, I'm wondering how others are doing DNS?  I really
> don't want to use BIND.
> Should my DHCP server send ddns updates to Samba's internal DNS for client
> leases?

I just wanted to follow up on this. One of the developers in the SME
Project successfully was able to get a dnscache running in front of Samba4
internal DNS using the following:

iptables -t nat -I PREROUTING --in-interface eth0 -p tcp -d [localIP]
--destination-port 53 -j DNAT --to-destination

More details in this bug report:  http://bugs.contribs.org/show_bug.cgi?id=8638

This allows us to have an instance of dnscache running in front of
samba4 and delegating DNS.  dnscache delegates DNS for the samba4
domain to the samba4 internal DNS.  What this does for us is get
resolving dns in front of samba4, doesn't require BIND, and doesn't
rely upon the relatively new dns code in Samba4.

It's a pity the Samba team didn't look at djb DNS instead of DNS masq
when working to implement AD DNS in Samba 4.  They could have saved
themselves quite a lot of work.  djb DNS is very solid and lightweight
and does everything BIND will do:  http://cr.yp.to/djbdns.html
