[Samba] Samba 4 dns-resolv-prob with different subnets [SOLVED]

Peter Grotz - Obel und Partner GbR grotz at obel-architekten.de
Mon Sep 1 06:13:32 MDT 2014 

Hello all,

The prob is solved. The dns-answer only seemed to come from the asked
nameserver. Between the two endpoints of the vpn the gateways have a
transparent dns-proxy which forwarded my dns-request not the wanted
dns-server but sent not-found-answers pretending to be the intended ns.

Not easy to find such a pitfall :(

Thanks again,

-Peter


-----Ursprüngliche Nachricht-----
Von: Peter Grotz - Obel und Partner GbR [mailto:grotz at obel-architekten.de] 
Gesendet: Sonntag, 31. August 2014 02:14
An: samba at lists.samba.org
Betreff: Re: [Samba] Samba 4 dns-resolv-prob with different subnets

Hello Louis,

> Datum: Fri, 29 Aug 2014 15:17:44 +0200
> Von: "L.P.H. van Belle" <belle at bazuin.nl>
> An: "samba at lists.samba.org" <samba at lists.samba.org>
> Betreff: Re: [Samba] Samba 4 dns-resolv-prob with different subnets


> pleast post your

> /etc/hosts

on dc-01:
127.0.0.1   localhost   localhost.localdomain
192.168.0.101 dc-01   dc-01.obel.lan

on dc-02:
127.0.0.1   localhost   localhost.localdomain
192.168.1.100 dc-02   dc-02.obel.lan


> /etc/resolv.conf

on dc-02 192.168.1.100 (dns-resolution works):
search obel.lan
nameserver 192.168.1.100
nameserver 192.168.1.102 #def gateway on subnet 192.168.1.0

on dc-01 192.168.0.101 (dns-resolution doesn´t work):
search obel.lan
nameserver 192.168.1.100
nameserver 192.168.0.101
nameserver 192.168.0.102 #def gateway on subnet 192.168.0.0


> which OS ( debian/ubuntu/centos)

centos 6.5

> the output of smbd -V

sernet-samba 4.1.11

> samba internal DNS or Bind9_DLZ

samba internal

> and what if you use the FQDN of the DC-02 and not the hostname.

using FQDN on DC-02 where the first samba-dc was installed is working fine
with all resolving, using FQDN on DC-01 gives me the described errors

> and you can add in the /etc/resolv.conf and extra search like

> search internal.domain.tld someotherinternal.domain.tld.
> nameserver ...

doesn´t help :(

> which nameserver is use the server on the 192.168.1.0 net and is this 
> net also defined on the samba 4 DC nameserver.

192.168.1.0 is using the samba internal dnsserver and is working fine even
for the dns-entries from the 192.168.0.0-subnet.

for dc-01 at 192.168.0.0 there are only the resolv.conf-entries because
joining the dc-01 into domain will only success when dns/kerberos can resolv
the working dc-02 on the other subnet where the domain is working at the
moment.


> Greetz,

> Louis

Thanks again!

Peter

More information about the samba mailing list