[Samba] DNS Suddenly breaking
mathias dufresne
infractory at gmail.com
Thu Jun 30 14:11:39 UTC 2016
from both DC:
dig google.com
dig @8.8.8.8 google.com
First dig will use resolvers declared into /etc/resolv.conf.
Second dig forces usage of 8.8.8.8.
Both commands should reply the same things, on all DC.
2016-06-30 15:58 GMT+02:00 lingpanda101 at gmail.com <lingpanda101 at gmail.com>:
> On 6/30/2016 9:57 AM, Garland McAlexander wrote:
>
>> nslookup google.com <http://google.com>
>> ;; Got recursion not available from 192.168.1.236, trying next server
>> Server: 192.168.1.235
>> Address: 192.168.1.235#53
>>
>> Non-authoritative answer:
>> Name: google.com <http://google.com>
>> Address: 172.217.4.78
>>
>>
>> Interesting little bit about the "Recursion not available"
>>
>>
>> On Thu, Jun 30, 2016 at 9:52 AM, lingpanda101 at gmail.com <mailto:
>> lingpanda101 at gmail.com> <lingpanda101 at gmail.com <mailto:
>> lingpanda101 at gmail.com>> wrote:
>>
>> On 6/30/2016 9:41 AM, Garland McAlexander wrote:
>>
>> Hosts:
>>
>> 127.0.0.1 localhost localhost.localdomain localhost4
>> localhost4.localdomain4
>> ::1 localhost localhost.localdomain localhost6
>> localhost6.localdomain6
>> 192.168.1.235 bus-ny-dc-01.domain.domain.com
>> <http://bus-ny-dc-01.domain.domain.com>
>> <http://bus-ny-dc-01.domain.domain.com> bus-ny-dc-01
>>
>>
>> Resolv:
>>
>> # Generated by NetworkManager
>> search domain.domain.com <http://domain.domain.com>
>> <http://domain.domain.com>
>> nameserver 192.168.1.236
>> nameserver 192.168.1.235
>>
>> Smb.conf:
>>
>> # Global parameters
>> [global]
>> workgroup = DOMAIN
>> realm = DOMAIN.DOMAIN.COM <http://DOMAIN.DOMAIN.COM>
>> <http://DOMAIN.DOMAIN.COM>
>> netbios name = BUS-NY-DC-01
>> server role = active directory domain controller
>> dns forwarder = 8.8.8.8
>> printing = bsd
>> printcap name = /dev/null
>>
>> [netlogon]
>> path = /var/lib/samba/sysvol/domain.domain.com/scripts
>> <http://domain.domain.com/scripts>
>> <http://domain.domain.com/scripts>
>> read only = No
>>
>> [sysvol]
>> path = /var/lib/samba/sysvol
>> read only = No
>>
>>
>>
>> On Thu, Jun 30, 2016 at 9:36 AM, lingpanda101 at gmail.com
>> <mailto:lingpanda101 at gmail.com> <mailto:lingpanda101 at gmail.com
>> <mailto:lingpanda101 at gmail.com>> <lingpanda101 at gmail.com
>> <mailto:lingpanda101 at gmail.com> <mailto:lingpanda101 at gmail.com
>> <mailto:lingpanda101 at gmail.com>>> wrote:
>>
>> On 6/30/2016 9:25 AM, Garland McAlexander wrote:
>>
>> Yes, it's set up with 8.8.8.8
>>
>> I'm able to ping it without issues, jut not able to
>> resolve
>> anything
>> externally.
>>
>> On Thu, Jun 30, 2016 at 9:09 AM, mathias dufresne
>> <infractory at gmail.com <mailto:infractory at gmail.com>
>> <mailto:infractory at gmail.com <mailto:infractory at gmail.com>>>
>> wrote:
>>
>> To get recursion working with internal DNS you
>> only need
>> to set up:
>> dns forwarder = <IP of your main DNS>
>>
>> Is it configured?
>>
>> If yes and packets can go from your broken DC to "your
>> main DNS" using TCP
>> and also UDP, there is an issue.
>>
>> 2016-06-30 14:58 GMT+02:00 Garland McAlexander
>> <garland at linear.nyc>:
>>
>> It's samba internal DNS. Only one DNS zone,
>> and it's
>> domain.domain.tld.
>> It'll function perfectly, and then cease to
>> function
>> at a random time.
>>
>> On Thu, Jun 30, 2016 at 5:31 AM, Mueller
>> <mueller at tropenklinik.de
>> <mailto:mueller at tropenklinik.de>
>> <mailto:mueller at tropenklinik.de
>> <mailto:mueller at tropenklinik.de>>> wrote:
>>
>> What kind of DNS, bind or internal?
>> With bind an samba 4.3.4 I have an issue and I
>> have to restart bind an
>> avahi:
>> s4slave named-sdb[8750]: error (connection
>> refused) resolving '
>> thefreelanceforum.com/AAAA/IN
>> <http://thefreelanceforum.com/AAAA/IN>
>> <http://thefreelanceforum.com/AAAA/IN>':
>> 192.12.94.30#53.
>>
>> Only a restart of bind resolves this.
>>
>>
>> EDV Daniel Müller
>>
>> Leitung EDV
>> Tropenklinik Paul-Lechler-Krankenhaus
>> Paul-Lechler-Str. 24
>> 72076 Tübingen
>> Tel.: 07071/206-463, Fax: 07071/206-499
>> Email: mueller at tropenklinik.de
>> <mailto:mueller at tropenklinik.de>
>> <mailto:mueller at tropenklinik.de
>> <mailto:mueller at tropenklinik.de>>
>> www.tropenklinik.de <http://www.tropenklinik.de>
>> <http://www.tropenklinik.de>
>> www.bauen-sie-mit.tropenklinik.de
>> <http://www.bauen-sie-mit.tropenklinik.de>
>> <http://www.bauen-sie-mit.tropenklinik.de>
>>
>>
>>
>>
>> -----Ursprüngliche Nachricht-----
>> Von: Garland McAlexander
>> [mailto:garland at linear.nyc
>> <mailto:garland at linear.nyc>
>> <mailto:garland at linear.nyc
>> <mailto:garland at linear.nyc>>]
>> Gesendet: Donnerstag, 30. Juni 2016 10:52
>> An: samba at lists.samba.org
>> <mailto:samba at lists.samba.org>
>> <mailto:samba at lists.samba.org
>>
>> <mailto:samba at lists.samba.org>>
>>
>> Betreff: [Samba] DNS Suddenly breaking
>>
>> Hi All,
>>
>> I've got a newly created Samba4 domain. I'm
>> running into a strange
>>
>> issue
>>
>> where my internal DNS on my first domain
>> controller is "breaking"
>>
>> causing
>>
>> it to not resolve any external hosts.
>> It'll still
>> resolve internal hosts
>> without issue. This is only on the first
>> DC, the
>> second DC is running
>> perfectly fine and can access external hosts
>> without issue.
>>
>> There is absolutely NOTHING in the logs about
>> this. I cannot find where
>> this is going wrong, and sometimes it
>> seems that
>> it'll randomly fix
>>
>> itself.
>>
>> Any help is sincerely appreciated.
>> --
>> To unsubscribe from this list go to the
>> following
>> URL and read the
>> instructions:
>> https://lists.samba.org/mailman/options/samba
>>
>>
>>
>> --
>> *Sincerely,*
>> *Garland McAlexander*
>> *O: 212-271-0198 <tel:212-271-0198>
>> <tel:212-271-0198 <tel:212-271-0198>>*
>> *C: 321-315-9948 <tel:321-315-9948>
>> <tel:321-315-9948 <tel:321-315-9948>>*
>> --
>> To unsubscribe from this list go to the
>> following URL
>> and read the
>> instructions:
>> https://lists.samba.org/mailman/options/samba
>>
>>
>>
>>
>> Can you post your hosts file, resolv.conf and smb.conf
>> from DC1?
>>
>> -- -James
>>
>>
>>
>> -- To unsubscribe from this list go to the following
>> URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>>
>>
>> -- /Sincerely,/
>> /Garland McAlexander/
>> /O: 212-271-0198 <tel:212-271-0198>/
>> /C: 321-315-9948 <tel:321-315-9948>/
>>
>> Nothing out of the ordinary. Does the issue happen on the server
>> side or client side? Can you run 'nslookup google.com
>> <http://google.com>' from the DC? It should look similar to this.
>>
>> nslookup google.com <http://google.com>
>> Server: 192.168.1.236
>> Address: 192.168.1.236#53
>>
>> Non-authoritative answer:
>> Name: google.com <http://google.com>
>> Address: 172.217.2.206
>>
>> Can you rerun the same if it also happens from the client side?
>>
>>
>>
>> -- -James
>>
>> -- To unsubscribe from this list go to the following URL and read
>> the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>>
>>
>> --
>> /Sincerely,/
>> /Garland McAlexander/
>> /O: 212-271-0198/
>> /C: 321-315-9948/
>>
>> This tells me the issue is on DC2 and not DC1. Can you post the same
> configs from DC2?
>
>
>
> --
> -James
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list