[Samba] samba 4.1.17 on raspberry pi as ad dc - internal dns problems

Peter Serbe peter at serbe.ch
Thu Mar 12 10:34:09 MDT 2015


Matthias Busch wrote on 12.03.2015 16:43:

> I am hesitant to use .net (the domain I own) in fear of having DNS
> issues. I do not control the NS for the internet-accessible .net domain
> either.

At least w.r.t. the BIND backend this fear is not necessary. It is indeed
exactly what I do. The AD-DNS is only authoritative for "domain.samdom.com",
not for "samdom.com". There is only one little trick necessary if you have
a slave nameserver which is tied to your AD-DC server.

# forward lookup
zone "domain.samdom.com" {
        type slave;
        masters { 192.168.1.1;
                  192.168.1.2; };
        file "/etc/bind/namedb/bak.domain.samdom.com";
        forwarders{};
};

# reverse lookup
zone "1.168.192.in-addr.arpa" {
        type slave;
        masters { 192.168.1.1;
                  192.168.1.2; };
        file "/etc/bind/namedb/bak.192.168.1";
        forwarders{};
};

Note the line "forwarders{}", which will ensure that the local DNS server
doesn't ask the public DNS, which is authoritative for the public
"samdom.com". You would then get the IP of "samdom.com" when looking up
a local host.

But I agree that this is a bit of perfectionism. One can do things simpler.
On the other hand: one of my two DCs was down for a week (the one 70km away
in the "weekend" apartment), but the whole network worked flawlessly. These
ARM-based appliances are definitely less reliable than ordinary PC H/W. I
use slave DNS servers on my file servers, which keep at least DNS working
whatever the Raspi or the Cubieboard do (better: don't do...).
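
A check for the override described in the message above, as an added example that is not part of the original post: it scans named.conf text and lists slave zones that lack an empty "forwarders {};" statement. The sample configuration is constructed; the upstream resolver 203.0.113.53 and the second zone without the override are assumptions made for illustration.

```python
import re

# Constructed named.conf text: the first zone follows the post, the second
# (hypothetical) zone omits the empty forwarders override.
SAMPLE_CONF = '''
options { forwarders { 203.0.113.53; }; };   # constructed upstream resolver
zone "domain.samdom.com" {
        type slave;
        masters { 192.168.1.1;
                  192.168.1.2; };
        file "/etc/bind/namedb/bak.domain.samdom.com";
        forwarders{};
};
zone "1.168.192.in-addr.arpa" {
        type slave;
        masters { 192.168.1.1; 192.168.1.2; };
        file "/etc/bind/namedb/bak.192.168.1";
};
'''

def strip_comments(text):
    """Drop /* */, // and # comments (assumes no markers inside quoted strings)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def zone_blocks(text):
    """Yield (zone_name, body) for each zone statement, matching nested braces."""
    for m in re.finditer(r'zone\s+"([^"]+)"[^{]*\{', text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def slave_zones_missing_override(conf):
    """Return the slave zones that have no empty 'forwarders {};' statement."""
    missing = []
    for name, body in zone_blocks(strip_comments(conf)):
        is_slave = re.search(r'\btype\s+(slave|secondary)\s*;', body)
        has_empty = re.search(r'\bforwarders\s*\{\s*\}\s*;', body)
        if is_slave and not has_empty:
            missing.append(name)
    return missing

if __name__ == "__main__":
    for zone in slave_zones_missing_override(SAMPLE_CONF):
        print("slave zone without empty forwarders override:", zone)
```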



