[Samba] Secondary for samba zone

Robert Moskowitz rgm at htt-consult.com
Tue Sep 8 18:12:43 UTC 2015


Most is all there, right.  But with BIND 9.9 there is a 'new' option 
that I needed on my DNS server.

On the Samba AD, I see:

dig home.htt SOA

; <<>> DiG 9.9.4-RedHat-9.9.4-18.el7 <<>> home.htt SOA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38095
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;home.htt.            IN    SOA

;; ANSWER SECTION:
home.htt.        3600    IN    SOA    homebase.home.htt. hostmaster.home.htt. 4 900 600 86400 3600

I don't like the email default, but then shouldn't be getting emails to 
it.  But the timers are right.

But over on the main DNS server that will secondary this domain, there 
is a change to the zone description:

     zone "home.htt" {
         type slave;
         file "slaves/bak.home.htt";
         masterfile-format text;
         masters {192.168.192.2; };
     };

Note the new "masterfile-format text" line.  This is if you want a nice 
text file for the slave zone to read, rather than the more efficient 
binary file.  And here is what is in that file right now:

# more slaves/bak.home.htt
$ORIGIN .
$TTL 3600    ; 1 hour
home.htt        IN SOA    homebase.home.htt. hostmaster.home.htt. (
                 4          ; serial
                 900        ; refresh (15 minutes)
                 600        ; retry (10 minutes)
                 86400      ; expire (1 day)
                 3600       ; minimum (1 hour)
                 )
$TTL 900    ; 15 minutes
             NS    homebase.home.htt.
             A    192.168.192.2
$ORIGIN home.htt.
_msdcs            NS    homebase
$ORIGIN _tcp.Default-First-Site-Name._sites.home.htt.
_gc            SRV    0 100 3268 homebase.home.htt.
_kerberos        SRV    0 100 88 homebase.home.htt.
_ldap            SRV    0 100 389 homebase.home.htt.
$ORIGIN _tcp.home.htt.
_gc            SRV    0 100 3268 homebase.home.htt.
_kerberos        SRV    0 100 88 homebase.home.htt.
_kpasswd        SRV    0 100 464 homebase.home.htt.
_ldap            SRV    0 100 389 homebase.home.htt.
$ORIGIN _udp.home.htt.
_kerberos        SRV    0 100 88 homebase.home.htt.
_kpasswd        SRV    0 100 464 homebase.home.htt.
$ORIGIN home.htt.
$TTL 3600    ; 1 hour
cubieboard2        A    192.168.192.21
$TTL 900    ; 15 minutes
DomainDnsZones        A    192.168.192.2
$ORIGIN DomainDnsZones.home.htt.
_ldap._tcp.Default-First-Site-Name._sites SRV 0 100 389 homebase.home.htt.
_ldap._tcp        SRV    0 100 389 homebase.home.htt.
$ORIGIN home.htt.
ForestDnsZones        A    192.168.192.2
$ORIGIN ForestDnsZones.home.htt.
_ldap._tcp.Default-First-Site-Name._sites SRV 0 100 389 homebase.home.htt.
_ldap._tcp        SRV    0 100 389 homebase.home.htt.
$ORIGIN home.htt.
homebase        A    192.168.192.2
nevia            A    192.168.192.11
valeria            A    192.168.192.5


BTW, this is probably the simplest way to get a dump of your samba dns zone!

Now to set up all the other secondaried zones!

I am wondering if the dyndns updates are incrementing the serial 
number.  More tests to figure that out.
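
One way to check the serial question above is to compare the SOA serial in two successive copies of the text-format slave file. The parser below is an added example, not part of the original message or of Samba or BIND; it reads a shortened excerpt of the dump shown above, and `fqdn`, `parse_zone` and `soa_serial` are names introduced here.

```python
# Shortened excerpt of the slaves/bak.home.htt dump from the post (sample input).
SAMPLE = """$ORIGIN .
$TTL 3600    ; 1 hour
home.htt        IN SOA    homebase.home.htt. hostmaster.home.htt. (
                 4          ; serial
                 900        ; refresh (15 minutes)
                 600        ; retry (10 minutes)
                 86400      ; expire (1 day)
                 3600       ; minimum (1 hour)
                 )
$TTL 900    ; 15 minutes
             NS    homebase.home.htt.
$ORIGIN _tcp.home.htt.
_kerberos        SRV    0 100 88 homebase.home.htt.
"""

def fqdn(name, origin):  # resolve a possibly relative name against $ORIGIN
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin

def parse_zone(text):
    """Return (owner, ttl, type, rdata) tuples from a text-format zone dump."""
    origin, ttl, owner, records, pending, depth = ".", None, None, [], "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()  # comments go first: they contain ( )
        if not line.strip():
            continue
        pending = pending + " " + line if pending else line
        depth += line.count("(") - line.count(")")
        if depth > 0:
            continue                          # still inside a ( ... ) group
        entry, pending = pending.replace("(", " ").replace(")", " "), ""
        fields = entry.split()
        if fields[0] == "$ORIGIN":
            origin = fqdn(fields[1], origin)
        elif fields[0] == "$TTL":
            ttl = int(fields[1])              # assumes plain seconds, as in the dump
        else:
            if not entry[0].isspace():        # blank owner column reuses the last owner
                owner = fqdn(fields.pop(0), origin)
            rec_ttl = int(fields.pop(0)) if fields[0].isdigit() else ttl
            if fields[0].upper() == "IN":
                fields.pop(0)
            records.append((owner, rec_ttl, fields[0].upper(), fields[1:]))
    return records

def soa_serial(records):  # serial is the third SOA rdata field
    return next((int(r[2]) for _, _, t, r in records if t == "SOA"), None)
```

Running `soa_serial(parse_zone(open(path).read()))` on the slave file before and after a dynamic update shows whether the serial moved.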