[Samba] will bad things happen if samba4 AD not binding 127.0.0.1?
Rowland Penny
rowlandpenny241155 at gmail.com
Sun Nov 15 16:04:29 UTC 2015
On 15/11/15 15:49, d tbsky wrote:
> hi:
> my company has two dns servers, but samba4 internal dns forward can only
> forward to 1 server.
> to workarround it i run dnsmasq as dns cache at 127.0.0.1 and let samba4
> dns forward to 127.0.0.1.
> my smb.conf looks like:
>
> dns forwarder = 127.0.0.1
> interfaces = 10.1.1.1
> bind interfaces only = Yes
>
> with the setting samba won't bind to 127.0.0.1, so dnsmasq can use
> 127.0.0.1 to do the work.
> my /etc/resolv.conf point to 10.1.1.1 (samba internal dns)
>
> everything seems work fine. but I want to make sure if this kind of setup
> is safe?
> if it is safe then I don't need to create another virtual interface just
> for dnsmasq.
> thanks a lot for help!!
>
>
> Regards,
> tbskyd
Oh dear, somebody else getting creative with dns :-)
You do know that the internal DNS server also listens on 127.0.0.1,
don't you ?
If you must use something else to get two forwarders, use Bind9 instead
of the internal dns server. The use of dnsmasq is not supported on a
Samba AD DC.
Rowland
More information about the samba
mailing list