[Samba] which DNS backend ?
Rowland penny
rpenny at samba.org
Tue Mar 1 13:50:10 UTC 2016
On 01/03/16 13:23, Reindl Harald wrote:
>
>
> Am 01.03.2016 um 11:23 schrieb mathias dufresne:
>> Several SOA is easy to design without breaking RFC: as every DNS server
>> in AD is able to modify the zone, every DNS server in AD is SOA. As any
>> DNS server is SOA and only one SOA can be returned, these DNS server
>> must reply "I am SOA".
>> 10 DC running a DNS server.
>> One client asking to DC07 for SOA.
>> DC07 replies "SOA is DC07".
>> One client asking to DC02 for SOA.
>> DC02 replies "SOA is DC02".
>
> yes, but that's not a SOA containing two nameservers - period
> nothing else is what i criticized because the term is wrong
>
>
>
OK, lets use 'nslookup' to get the SOA record from my netbook:
rowland at debnet:~$ nslookup
> set querytype=soa
> samdom.example.com
Server: 192.168.0.5
Address: 192.168.0.5#53
samdom.example.com
origin = dc1.samdom.example.com
mail addr = hostmaster.samdom.example.com
serial = 185
refresh = 900
retry = 600
expire = 86400
minimum = 3600
This shows that 'dc1.samdom.example.com' is authoritative for the domain.
Lets change the server that 'nslookup' uses:
> server 192.168.0.6
Default server: 192.168.0.6
Address: 192.168.0.6#53
Now rerun the soa lookup:
> set querytype=soa
> samdom.example.com
Server: 192.168.0.6
Address: 192.168.0.6#53
samdom.example.com
origin = dc2.samdom.example.com
mail addr = hostmaster.samdom.example.com
serial = 185
refresh = 900
retry = 600
expire = 86400
minimum = 3600
>
Different server, different Authoritative server, *BUT* there is only
one SOA record in AD:
dn:
DC=@,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
objectClass: top
objectClass: dnsNode
instanceType: 4
whenCreated: 20151106115624.0Z
uSNCreated: 3657
showInAdvancedViewOnly: TRUE
name: @
objectGUID: 7ad014c4-c1e9-4cb4-9f0d-96d0272af23d
objectCategory:
CN=Dns-Node,CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com
dc: @
whenChanged: 20160226163554.0Z
dnsRecord: NDR: struct dnsp_DnssrvRpcRecord
wDataLength : 0x004f (79)
wType : DNS_TYPE_SOA (6)
version : 0x05 (5)
rank : DNS_RANK_ZONE (240)
flags : 0x0000 (0)
dwSerial : 0x000000b8 (184)
dwTtlSeconds : 0x00000e10 (3600)
dwReserved : 0x00000000 (0)
dwTimeStamp : 0x00378778 (3639160)
data : union dnsRecordData(case 6)
soa: struct dnsp_soa
serial : 0x000000b9 (185)
refresh : 0x00000384 (900)
retry : 0x00000258 (600)
expire : 0x00015180 (86400)
minimum : 0x00000e10 (3600)
mname : dc1.samdom.example.com
rname : hostmaster.samdom.example.com
dnsRecord: NDR: struct dnsp_DnssrvRpcRecord
wDataLength : 0x001a (26)
wType : DNS_TYPE_NS (2)
version : 0x05 (5)
rank : DNS_RANK_ZONE (240)
flags : 0x0000 (0)
dwSerial : 0x000000b8 (184)
dwTtlSeconds : 0x00000384 (900)
dwReserved : 0x00000000 (0)
dwTimeStamp : 0x00000000 (0)
data : union dnsRecordData(case 2)
ns : dc1.samdom.example.com
dnsRecord: NDR: struct dnsp_DnssrvRpcRecord
wDataLength : 0x001a (26)
wType : DNS_TYPE_NS (2)
version : 0x05 (5)
rank : DNS_RANK_ZONE (240)
flags : 0x0000 (0)
dwSerial : 0x000000b8 (184)
dwTtlSeconds : 0x00000384 (900)
dwReserved : 0x00000000 (0)
dwTimeStamp : 0x00377e1b (3636763)
data : union dnsRecordData(case 2)
ns : dc2.samdom.example.com
dnsRecord: NDR: struct dnsp_DnssrvRpcRecord
wDataLength : 0x0004 (4)
wType : DNS_TYPE_A (1)
version : 0x05 (5)
rank : DNS_RANK_ZONE (240)
flags : 0x0000 (0)
dwSerial : 0x000000b8 (184)
dwTtlSeconds : 0x00000384 (900)
dwReserved : 0x00000000 (0)
dwTimeStamp : 0x00000000 (0)
data : union dnsRecordData(case 1)
ipv4 : 192.168.0.5
dnsRecord: NDR: struct dnsp_DnssrvRpcRecord
wDataLength : 0x0004 (4)
wType : DNS_TYPE_A (1)
version : 0x05 (5)
rank : DNS_RANK_ZONE (240)
flags : 0x0000 (0)
dwSerial : 0x000000b8 (184)
dwTtlSeconds : 0x00000384 (900)
dwReserved : 0x00000000 (0)
dwTimeStamp : 0x00377cfa (3636474)
data : union dnsRecordData(case 1)
ipv4 : 192.168.0.6
uSNChanged: 117981
distinguishedName:
DC=@,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
Does that convince you ???
Rowland
More information about the samba
mailing list