[Samba] Questions About Bind_DLZ

David Minard david at scem.uws.edu.au
Wed Sep 30 01:26:04 UTC 2015

G'day Sketch,

> On Tue, 29 Sep 2015, Marc Muehlfeld wrote:
> >>/  29-Sep-2015 10:57:43.108 database: error: samba_dlz b9_format: unhandled
> />>/  record type 0
> />>/  29-Sep-2015 10:57:43.109 database: error: samba_dlz b9_format: unhandled
> />>/  record type 0
> />>/
> />>/      Only once mind you.  Should I be concerned?  The other DCs didn't
> />>/  get this error.
> />/
> />/  G√ľnter answerd this a while ago:
> />/  https://lists.samba.org/archive/samba/2014-January/178083.html/

/Cool.  Seems to imply that I can safely ignore this message - hopefully 
in some future version of Samba these missing types will be dealt with.

> /
> /
> Offtopic, but any chance we could get SSHFP records added?
> http://www.openssh.com/txt/rfc4255.txt
> >>/      Lastly, as we are a multi site set up, we currently run bind using
> />>/  "Views".
> />/
> />/  Sorry. Never used DNS views.
> /
> I have used views, but never with samba, so the following is just
> speculation on my part.
> I found an example here including non-samba DLZ inside view statements,
> so it seems to be at least theoretically possible:
> http://phaq.phunsites.net/2011/11/01/dns-zone-split-view-configuration-with-bind-dlz/

     The article shows someone using two different DLZ files.  One in 
each view.  My problem is that I need the Samba_DLZ to be seen through 
out our whole multi-campus set up, but non samba.domain queries within 
the school need to honour the views.

     Previously I tried setting this up by adding the samba-DLZ line in 
each view, and it worked, samba.domain DNS queries worked, as well as 
our non samba.domain DNS queries, until named randomly died.  Only once 
did it throw an error.  I can't find the log entry..  I probably 
destroyed the VM I was using and started again.

> If you only want to serve AD DNS on an internal view and hide it from
> external clients, I would imagine that this would work fine.  However, as
> samba only provides a single DLZ zone, I don't know what would happen if
> you put it into more than one view.  It might work fine and serve the same
> data in multiple views, or it might blow up (especially if you have
> multiple clients doing nsupdates from different views).  I would recommend
> testing your use case in a lab setup to see if it works for you.

     I'm assuming that I could use Views to handle the samba_DLZ if I 
only put it into one of the views.  The problem with that will be, if 
for some reason, a samba DNS query comes from another campus, the query 
will fail because the view for that campus won't know about the 
Samba_DLZ stuff.


David Minard.
Ph:    0247 360 155
Fax:    0247 360 770

School of Computing, Engineering, and Mathematics
Building Y - Penrith Campus (Kingswood)
Locked bag 1797
Penrith South DC
NSW 1797

[Sometimes waking up just isn't worth the insult of the day to come.]

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba mailing list