[Samba] which DNS backend ?

Reindl Harald h.reindl at thelounge.net
Mon Feb 29 10:45:07 UTC 2016

Am 29.02.2016 um 11:28 schrieb Rowland penny:
> On 29/02/16 09:42, Reindl Harald wrote:
>> Am 29.02.2016 um 10:10 schrieb Rowland penny:
>>> Everything you say is valid except for when it comes to AD dns.
>>> When you want data from a zone, you start with the SOA record, you ask
>>> 'who holds the records for this zone?', it replies with the nameserver
>>> that holds the zone records. OK so far ?
>>> Only problem is that with AD, *every* DC that runs a dns server holds
>>> the zone records. Now if you have only one NS record in the SOA (or if
>>> only one NS record is returned, like the internal dns server does), then
>>> only one DC will be asked for the zone records, if this DC is down, you
>>> don't have a nameserver to ask!
>> than its a bug in the internal dns server only return one NS record
> Totally agree
>>> Every windows DC that runs a dns server is authoritative for the dns
>>> domain and has a SOA record. The only way I have found of doing this
>>> with a Samba DC, is to use Bind9 and add the second DCs NS record to the
>>> SOA, this SOA is stored in AD
>> how would a SOA record look like with two NS records?
> There was a thread dealing with this in December, see here for what I
> posted then:
> https://lists.samba.org/archive/samba/2015-December/196367.html

i just want to see how a "dig SOA example.lan." would look like to 
contain two nameservers, that below form the thread is as always a SOA 
containing one origin

      origin = testdc1.example.lan
      mail addr = hostmaster.example.lan
      serial = 3
      refresh = 900
      retry = 600
      expire = 86400
      minimum = 3600

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20160229/863e1e45/signature.sig>

More information about the samba mailing list