[Samba] winbind seems to hang when the DC goes down instead of switching to the other available DC
L.P.H. van Belle
belle at bazuin.nl
Fri Aug 2 15:17:42 UTC 2019
Hai marco,
Well, this is a hard one to answer for me.
I'll give it a try. ;-)
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Marco Gaiarin via samba
> Verzonden: vrijdag 2 augustus 2019 15:28
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] winbind seems to hang when the DC goes
> down instead of switching to the other available DC
>
> Mandi! L.P.H. van Belle via samba
> In chel di` si favelave...
>
> > Yes, best is to use the "localhost" dns setup as
> caching/forwarder only.
>
> Ok.
>
>
> > All you need is for the forwarding is :
>
> But, sorry me, what advantage i have to use 'forward zone' instead of
> using 'normal' dns zone handling (eg, supposing as suggested the AD
> zone is in a subzone, using correctly glue records in the main zone)?
>
> If i use normal dns zone handling, i set the NS glue record
> only in one place (the parent zone file), and at least until i do 'the
> right thing'
> (eg, i can resolv the parent zone), i'm OK.
Yes, that will work but done wrong, you might create a circular reference.
Using glue or not, this depends also on how you setup your resolving.
But still, nothing wrong in using glue records.
There are more ways to Rome then one.. ;-)
>
>
> While, if i set forward zone like:
>
> > zone "your.dnsdomain.tld" {
> > type forward;
> > forwarders { IP_DC1; IP_DC2; };
> > };
>
> i can limit access to, eg, the local site NS/DC and not use the round
> robin algorithm. Also effectively, if i set as above, local bind *TRY* the listed
> forwarders and then fallback to normal resolution, while if i set
> instead:
>
> zone "your.dnsdomain.tld" {
> type forward;
> forwarders { IP_DC1; IP_DC2; };
> forward only;
> };
>
> i limit effectively the forward only to listed forwarders.
>
>
> So, seems to me that adding a forward zone pointing to the site-local
> NS/DC servers *WITHOUT* 'forward only' simulate more closely Windows
> behaviour (eg, try NS in the local site, the try other/outer).
>
>
> Right?
Yes, .. And No, because again, it depends on how you setup your dns resolving.
For example, i have 3 servers using split dns setups, in cacheing and/or forwarding setups.
1 of these have
zone "your.dnsdomain.tld" {
type forward;
forwarders { IP_DC1; IP_DC2; };
};
And one has
zone "your.dnsdomain.tld" {
type forward;
forwarders { IP_DC1; IP_DC2; };
forward only;
};
And depending on the use, resolv.conf has.
My preffered search order
(NOTE that normaly the primary.sambadnsdomain.tld is always first for you program's)
(hostname -f or hostname -d will give problems with samba. )
search internal.domain.tld domain.tld < used on my webserver
Or
search internal.domain.tld < used on my members servers
Or
search domain.tld internal.domain.tld < used on my mailrelay.
With
nameserver 127.0.0.1
And/or
nameserver internet_dns1
nameserver internet_dns2
And/or
nameserver 127.0.0.1
nameserver IP_DC1
nameserver IP_DC2;
All above make sure, at least, for me, that i need the resolving there, where is should go to.
Lan dns or internet DNS because of certificates or DNS CAA records SPF DMARC DKIM, things like that.
I dont have a "normal" network. :-(
And adding a forwarder, as shown, was for me, the quickest and most simple solution to get everything running.
My setup might not be the best setup for you, i just think for others using a forwarder like this is less prone to errors for beginners.
>
>
> Just i'm here, there's some way to tackle 'roundrobin/handoff'
> parameters between forwarders {} listed server, more or less like what
> you suggest for /etc/resolv.conf?
Round robin in resolv.conf is options rotate:X
But i dont use Round Robin here.
Where needed i've set timeout and attempts but most is default.
Think your looking for this.
http://www.zytrax.com/books/dns/ch7/queries.html#rrset-order
So far, i hope it helps you a bit.
Have a good weekend..
Greetz,
Louis
More information about the samba
mailing list