[Samba] IP aliases of DCs to prevent DNS timeouts

vincent at cojot.name vincent at cojot.name
Wed May 2 18:45:40 UTC 2018



On Wed, 2 May 2018, Denis Cardon via samba wrote:

> may I inquire why you are have setup such a scenario? If all DC are on same 
> site, it is not necessary to have such a hassle. If DC02 and DC03 are on 
> different remote site with intermitent electricity/connectivity, you can 
> juste setup "sites and services" in corresponding console, and workstations 
> will only communicate with their site's DC.

Yes, all DCs are on the same site but some of them aren't always on: I 
have 4 non-symmetrical infrastructure hosts, each running redundant 
services and samba 4.7.6 in a VM. It is quite rare that all 4 hypervisors 
are up at the same time (to save on noise and electricity) and I was 
hoping to provide VIP redundancy to the DNS A records so that any client 
querying the 'wrong' DC wouldn't hit a timeout.

For normal (non-AD) DNS services, each host also runs named and I have two 
VIPs servicing DNS queries for clients. The VIPs get relocated to whatever 
hypervisor is up (so that clients do not hit timeouts) and I was hoping to 
do something similar for AD DC's.

I have actually given up on this as I've discovered that AD would 
auto-discover the VIPS local to a host and modify the AD DNS entries for 
that host : a few days ago I found dc00 with 3 IP's in DNS manager: its 
own and those of dc02 and dc03.

> One issue may arise if you use the A DNS field corresponding to your domain 
> name. There seems to be some kind of indetermination in certain cases.

The DNS round-robin lookup, you mean? I admit that I am still very new at 
this samba AD/DC DNS stuff.

PS: Any idea when tranquil.it will be updating the samba 4.7.x to 4.7.7?

Thanks,

Vincent



More information about the samba mailing list