[Samba] IP aliases of DCs to prevent DNS timeouts
vincent at cojot.name
vincent at cojot.name
Wed May 2 18:45:40 UTC 2018
On Wed, 2 May 2018, Denis Cardon via samba wrote:
> may I inquire why you are have setup such a scenario? If all DC are on same
> site, it is not necessary to have such a hassle. If DC02 and DC03 are on
> different remote site with intermitent electricity/connectivity, you can
> juste setup "sites and services" in corresponding console, and workstations
> will only communicate with their site's DC.
Yes, all DCs are on the same site but some of them aren't always on: I
have 4 non-symmetrical infrastructure hosts, each running redundant
services and samba 4.7.6 in a VM. It is quite rare that all 4 hypervisors
are up at the same time (to save on noise and electricity) and I was
hoping to provide VIP redundancy to the DNS A records so that any client
querying the 'wrong' DC wouldn't hit a timeout.
For normal (non-AD) DNS services, each host also runs named and I have two
VIPs servicing DNS queries for clients. The VIPs get relocated to whatever
hypervisor is up (so that clients do not hit timeouts) and I was hoping to
do something similar for AD DC's.
I have actually given up on this as I've discovered that AD would
auto-discover the VIPS local to a host and modify the AD DNS entries for
that host : a few days ago I found dc00 with 3 IP's in DNS manager: its
own and those of dc02 and dc03.
> One issue may arise if you use the A DNS field corresponding to your domain
> name. There seems to be some kind of indetermination in certain cases.
The DNS round-robin lookup, you mean? I admit that I am still very new at
this samba AD/DC DNS stuff.
PS: Any idea when tranquil.it will be updating the samba 4.7.x to 4.7.7?
Thanks,
Vincent
More information about the samba
mailing list