[Samba] Recommended DNS configuration on Domain Controllers causes share by IP name to fail

Rowland Penny rpenny at samba.org
Wed Nov 30 16:03:52 UTC 2016


On Wed, 30 Nov 2016 16:18:47 +0100
"L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:

> Hai James, 
> 
> ..
> > 
> > I think the wiki is correct but see comment below.
> > 
> >      I don't believe islanding to be a big concern either but what
> > about the possibility of a "race condition" between DNS and AD? In
> > a Microsoft environment, AD has the possibility of starting first
> > before DNS has started. This of course creates failure in name
> > resolution during boot. Is this a concern using Bind or Samba
> > internal DNS?  If not then I see no issue setting a DC to itself as
> > a primary DNS server.
> > 
> > --
> > - James
> > 
> 
> 
> >AD has the possibility of starting first before DNS has started.
> 
> No, not true, 
> Active Directory Domain Services depends on DNS Server (and others)
> in Windows.
> 
> And yes the wiki does have a few errors imo.
> One needed correction is the /etc/hosts file, for example:
> 127.0.0.1 localhost any-other.alias
> See also : http://www.ietf.org/rfc/rfc1912.txt

That doesn't seem to mention /etc/hosts, but 'man hosts' contains this: 

For each host a single line should be present
       with the following information:

              IP_address canonical_hostname [aliases...]

The 'canonical_hostname' would be the FQDN 'localhost.localdomain' and
'aliases' would be the short hostname 'localhost'.

> 
> 
> >Is this a concern using Bind or Samba internal DNS?
> I asked Oliver (today's subject: [Samba] Add new DomainController).
> I think this is related to bind. Let's wait for what he tells us.
> 
> And if it's systemd
> (and in my Debian jessie system I'm still missing some startup
> dependencies.) Something like:
> After=network.target bind9.service
> Requires=network-online.target
> 
> ... 
> The network.target only indicates that the network management stack
> is up. Whether any network interfaces are already configured when it
> is reached is undefined.
> 
> I'll go through the debian bug list for this. 
> 
> Setting a DC to itself as a primary DNS server, yes, it's possible.
> But only client software uses it (resolv.conf).
> Any PC used the DNS itself.
> 
> At a DC join you MUST point to the first DC and only after everything
> is replicated yes you can point back to itself, not that I advise it.

Why? My feelings on this are, if you use another DC for dns for a DC,
if the other DC is down, you will get problems, whereas if you use the
DC for its dns, you only have one problem if the DC goes down.

I used to use each DC as its own dns server and never had any
problems, then the last time this subject was raised, I started to
use the other DC, but have had minor problems since.

I think it is a case of doing what you think best ;-)

Rowland
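
An added example, not part of the original message and not Samba or Debian code: a check of the systemd directives quoted above. In systemd, Requires=/Wants= pull a unit in without ordering against it, and After= orders without pulling the unit in, so a DNS-before-AD start order needs both. The unit text is constructed from the quoted lines; the REVISED variant is an assumption for a DC that uses bind9.

```python
# Added example: audits the [Unit] section of a unit file or drop-in for
# dependencies that are pulled in but not ordered, and the reverse.
REQUIRE_KEYS = ("Requires", "Wants", "BindsTo")

# Constructed from the two directives quoted in the thread.
QUOTED = """\
[Unit]
After=network.target bind9.service
Requires=network-online.target
"""

# Constructed variant (assumption): each dependency is both pulled in and ordered.
REVISED = """\
[Unit]
Wants=network-online.target bind9.service
After=network-online.target bind9.service
"""

def parse_unit(text):
    """Return {directive: [units]} for the [Unit] section only."""
    deps, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue                      # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        if section != "Unit" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        # Dependency lists are space separated and accumulate across lines.
        deps.setdefault(key.strip(), []).extend(value.split())
    return deps

def audit(text):
    """Report units that are required but unordered, or ordered but not required."""
    deps = parse_unit(text)
    after = set(deps.get("After", []))
    pulled = {u for k in REQUIRE_KEYS for u in deps.get(k, [])}
    return {
        "pulled_in_but_unordered": sorted(pulled - after),
        "ordered_but_not_pulled_in": sorted(after - pulled),
    }

if __name__ == "__main__":
    for name, text in (("quoted", QUOTED), ("revised", REVISED)):
        print(name, audit(text))
```

A unit listed as "pulled_in_but_unordered" may start in parallel with the service, and one listed as "ordered_but_not_pulled_in" is only waited for if something else starts it in the same transaction.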
  


