[Samba] How to update the root hints for bind DLZ

Marcel de Reuver marcel at de.reuver.org
Tue Jun 6 11:06:42 UTC 2017 

A quick search on Google gives: http://www.unixfu
.ch/how-do-i-update-the-root-hints-data-file-for-bind-named-server/

Best regards,
Marcel de Reuver

2017-06-06 11:36 GMT+02:00 Torsten Kurbad via samba <samba at lists.samba.org>:

> Hi,
>
> we are running a Samba AD on UCS 4.2, which comes with Samba 4.6.1.
>
> The DNS server (192.168.0.200) is operated by bind with the samba DLZ
> module. It also hosts several zones outside of samba.
>
> Every couple of hours, I get messages like these on the server:
>
> Jun  5 23:04:58 ucsdc1 daemon:[warning] checkhints:
>   h.root-servers.net/A (198.97.190.53) missing from hints
> Jun  5 23:04:58 ucsdc1 daemon:[warning] checkhints:
>   h.root-servers.net/A (128.63.2.53) extra record in hints
> Jun  5 23:06:48 ucsdc1 daemon:[warning] checkhints:
>   h.root-servers.net/A (198.97.190.53) missing from hints
> Jun  5 23:06:48 ucsdc1 daemon:[warning] checkhints:
>   h.root-servers.net/A (128.63.2.53) extra record in hints
>
> This is because h.root-servers.net transitioned to a new IP in the
> one any a half year ago.
> [https://www.isc.org/blogs/h-root-will-change-its-
> addresses-on-1-december-2015-what-does-this-mean-for-you/]
>
> I updated the relevant section in my /etc/bind/db.root that now looks
> like this:
>
> ;
> ; FORMERLY AOS.ARL.ARMY.MIL
> ;
> .                        3600000      NS    H.ROOT-SERVERS.NET.
> H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53
> H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53
>
> 'dig -t any 192.168.0.200' says:
>
> h.root-servers.net.     57555   IN      A    198.97.190.53
> h.root-servers.net.     57555   IN      AAAA 2001:500:1::53
>
> However, the messages keep appearing in the log. After some
> digging I found that 'samba-tool dns roothints 192.168.0.200' says:
>
>   Name=h.root-servers.net., Records=1, Children=0
>     A: 128.63.2.53 (flags=8, serial=0, ttl=0)
>
> If I try to update this entry in the Windows DNS management console, I
> get an error message:
>
>   Failure to write NS record <h.root-servers.net>
>   Der Name ist nicht vorhanden.
>
> (Last part is German - Unfortunately, I don't have an English Windows
> version at my disposal, but loosely translated it would be something
> like "The name could not be found".)
>
> Thus, my question is: What is the correct way to update Samba's root
> hints?
>
> Thank you and best regards,
> Torsten
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list