[Samba] which DNS backend ?
Reindl Harald
h.reindl at thelounge.net
Mon Feb 29 10:45:07 UTC 2016
Am 29.02.2016 um 11:28 schrieb Rowland penny:
> On 29/02/16 09:42, Reindl Harald wrote:
>>
>>
>> Am 29.02.2016 um 10:10 schrieb Rowland penny:
>>> Everything you say is valid except for when it comes to AD dns.
>>> When you want data from a zone, you start with the SOA record, you ask
>>> 'who holds the records for this zone?', it replies with the nameserver
>>> that holds the zone records. OK so far ?
>>>
>>> Only problem is that with AD, *every* DC that runs a dns server holds
>>> the zone records. Now if you have only one NS record in the SOA (or if
>>> only one NS record is returned, like the internal dns server does), then
>>> only one DC will be asked for the zone records, if this DC is down, you
>>> don't have a nameserver to ask!
>>
>> than its a bug in the internal dns server only return one NS record
>
> Totally agree
>
>>
>>> Every windows DC that runs a dns server is authoritative for the dns
>>> domain and has a SOA record. The only way I have found of doing this
>>> with a Samba DC, is to use Bind9 and add the second DCs NS record to the
>>> SOA, this SOA is stored in AD
>>
>> how would a SOA record look like with two NS records?
>>
>
> There was a thread dealing with this in December, see here for what I
> posted then:
>
> https://lists.samba.org/archive/samba/2015-December/196367.html
i just want to see how a "dig SOA example.lan." would look like to
contain two nameservers, that below form the thread is as always a SOA
containing one origin
example.lan
origin = testdc1.example.lan
mail addr = hostmaster.example.lan
serial = 3
refresh = 900
retry = 600
expire = 86400
minimum = 3600
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20160229/863e1e45/signature.sig>
More information about the samba
mailing list