[Samba] Recurrent DNS issues after DC loss

Rowland Penny rpenny at samba.org
Wed Jun 6 14:48:02 UTC 2018 

On Wed, 6 Jun 2018 10:25:43 -0400
lingpanda101 <lingpanda101 at gmail.com> wrote:

> On 6/6/2018 10:02 AM, Rowland Penny via samba wrote:
> > On Wed, 6 Jun 2018 15:40:48 +0200
> > Ole Traupe via samba <samba at lists.samba.org> wrote:
> >
> >>
> >> On 06.06.2018 14:44, lingpanda101 wrote:
> >>>> ** SNIP **
> >>>>
> >>>> Actually, the DCs (resolv.conf) were pointing to each other
> >>>> initially, and I think that was at least one root of the evil. I
> >>>> think this advice in the Samba wiki actually is rather bad (and
> >>>> unnecessary with Samba, as has been pointed out, before?).
> >>> Using Bind I find it's necessary to point the DC to itself. I had
> >>> no issues pointing to another DC with the internal DNS. The Wiki
> >>> actually mentions best practice for a multi DC environment as it
> >>> relates to a Windows setup. I do think it's unnecessary with Samba
> >>> however.
> > Just where does it say this ?
> > I will fix it
> Hi Rowland,
> 
>      I'm referencing here under ' DNS Configuration on Domain
> Controller'
> 
> https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#DNS_Configuration_on_Domain_Controllers
> 
> "The following is a best practice for DNS configuration on domain 
> controllers (DC):
> Set the local IP of a DC as secondary or tertiary|nameserver|entry in 
> its|/etc/resolv.conf|file and use a different Active Directory (AD)
> DNS server IP from the forest as primary name server"
> 
> It's saying to point to each other as primary. Which is best practice
> to avoid a island issue. I don't think it's really an issue with
> Samba though.
> 

It doesn't say that any more ;-)

This is from my DCs

root at dc4:~# cat /etc/resolv.conf
search samdom.example.com
nameserver 192.168.0.6
root at dc4:~# hostname -i
192.168.0.6

root at dc3:~# cat /etc/resolv.conf
search samdom.example.com
nameserver 192.168.0.7
root at dc3:~# hostname -i
192.168.0.7

And everything works!

> >
> > domain samdom.example.com
> > nameserver 10.99.0.1

Er no, 'domain' should be 'search'

Rowland

More information about the samba mailing list