[Samba] samba dlz. bind9 nslookup is wrong

Patrik alabard at gmail.com
Mon Aug 5 08:52:00 UTC 2019 

samba generates an unknown ip4 and ip6 address.
here is my settings:

root at server:/# ifconfig
enp1s0f2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.81.20  netmask 255.255.255.0  broadcast 192.168.81.255
        inet6 fe80::21b:21ff:fea6:ce92  prefixlen 64  scopeid 0x20<link>
        inet6 2001:470:1f1b:5b5:21b:21ff:fea6:ce92  prefixlen 64  scopeid
0x0<global>
        inet6 2001:470:1f1b:5b5::20  prefixlen 128  scopeid 0x0<global>
        ether 00:1b:21:a6:ce:92  txqueuelen 1000  (Ethernet)
        RX packets 107157  bytes 21707511 (20.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 150336  bytes 86185199 (82.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xdf080000-df0fffff

*enp1s0f3*: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
     *   inet 192.168.78.20  netmask 255.255.255.0  broadcast
192.168.78.255*
        inet6 fe80::21b:21ff:fea6:ce93  prefixlen 64  scopeid 0x20<link>
        inet6 2001:470:1f1b:5b3::20  prefixlen 128  scopeid 0x0<global>
       * inet6 2001:470:1f1b:5b3:21b:21ff:fea6:ce93  prefixlen 64  scopeid
0x0<global>*
        ether 00:1b:21:a6:ce:93  txqueuelen 1000  (Ethernet)
        RX packets 791340  bytes 177907393 (169.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1134072  bytes 729814669 (696.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xdf000000-df07ffff

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 197393  bytes 107419197 (102.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 197393  bytes 107419197 (102.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

*My bind settings is correct as well (i wanna use enp1s0f3):*
root at server:/# cat /etc/bind/named.conf.local
view "internal-enp1s0f3" {
    match-clients { "internal-enp1s0f3"; };
    match-recursive-only yes;
    recursion yes;
    allow-recursion { "internal-enp1s0f3"; };

    notify yes;
    allow-update { none; };
    allow-query { any; };
    allow-transfer { xfer; };
    include "/etc/bind/named.conf.default-zones";

    zone "patrikx3.com" {
        type master;
        file "/etc/bind/zones/enp1s0f3/patrikx3.com";

*        include "/var/lib/samba/private/named.conf.update"; *    };

    zone "corifeus.com" {
        type master;
        file "/etc/bind/zones/enp1s0f3/corifeus.com";
    };

    zone "gitlist.tk" {
        type master;
        file "/etc/bind/zones/enp1s0f3/gitlist.tk";
    };

    zone "albafructus.eu" {
        type master;
        file "/etc/bind/zones/enp1s0f3/albafructus.eu";
    };


    zone "fruitinfo.hu" {
        type master;
        file "/etc/bind/zones/enp1s0f3/fruitinfo.hu";
    };


    zone "venyimgyumolcse.hu" {
        type master;
        file "/etc/bind/zones/enp1s0f3/venyimgyumolcse.hu";
    };


*    include "/var/lib/samba/private/named.conf";*};

view "internal-enp1s0f2" {
    match-clients { "internal-enp1s0f2"; };
    match-recursive-only yes;
    recursion yes;
    allow-recursion { "internal-enp1s0f2"; };
     notify yes;
    allow-update { none; };
    allow-query { any; };
    allow-transfer { xfer; };

    include "/etc/bind/named.conf.default-zones";

    zone "patrikx3.com" {
        type master;
        file "/etc/bind/zones/enp1s0f2/patrikx3.com";
    };

    zone "corifeus.com" {
        type master;
        file "/etc/bind/zones/enp1s0f2/corifeus.com";
    };

    zone "gitlist.tk" {
        type master;
        file "/etc/bind/zones/enp1s0f2/gitlist.tk";
    };

    zone "albafructus.eu" {
        type master;
        file "/etc/bind/zones/enp1s0f2/albafructus.eu";
    };

    zone "fruitinfo.hu" {
        type master;
        file "/etc/bind/zones/enp1s0f2/fruitinfo.hu";
    };


    zone "venyimgyumolcse.hu" {
        type master;
        file "/etc/bind/zones/enp1s0f2/venyimgyumolcse.hu";
    };

};


view "external" {
    match-clients { any; };

    recursion no;
    additional-from-auth no;
    additional-from-cache no;

//    allow-transfer { any; }; // temporarily allowed for debugging purposes
    allow-transfer { none; };

//    zone "namesystem.tk" IN {
//        type master;
//        file "/etc/bind/zones/external.namesystem.tk";
//    };
};

*My samba looks like this:*
# Global parameters
[global]

* bind interfaces only = yes*# if this is turned on, always perfect
# interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
# interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
#        interfaces = lo 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
# if all interfaces known, order is important, the last is the required
# interfaces = lo 192.168.78.20 192.168.81.20

# you can see it is should only allow on enp1s0f3 which is above

*interfaces = lo enp1s0f3* netbios name = SERVER
realm = P3X-DC.PATRIKX3.COM
# server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbindd, ntp_signd, kcc, dnsupdate
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd,
ntp_signd, kcc
workgroup = P3X-DC
allow insecure wide links = Yes
# before was working
unix extensions = no
server role = active directory domain controller
idmap_ldb:use rfc2307 = yes
comment =
# log level = 3
template shell = /bin/bash
template homedir = /home/%U

[netlogon]
path = /var/lib/samba/sysvol/p3x-dc.patrikx3.com/scripts
read only = No

[sysvol]
path = /var/lib/samba/sysvol
read only = No

[media]
        path = /media
        read only = no
        guest ok = no
        force group = media
        writable = yes

[mounts]
        path = /mnt
        read only = no
        guest ok = no
        force group = mount
        writable = yes

[router-logs]
        path = /var/log-router
        read only = yes
        guest ok = yes
        writable = no
        browseable = yes
#       valid users = router
        force user = root
        follow symlinks = yes
        wide links = yes

Now when i do an nslookup or try to access my domain p3x-dc.patrikx3.com,
it sometimes giving a wrong ip address:
root at server:/# nslookup p3x-dc.patrikx3.com
Server: 192.168.78.20
Address: 192.168.78.20#53



*Name: p3x-dc.patrikx3.com <http://p3x-dc.patrikx3.com>Address:
192.168.81.120*Name: p3x-dc.patrikx3.com
Address: 192.168.78.20


*Name: p3x-dc.patrikx3.com <http://p3x-dc.patrikx3.com>Address:
2001:470:1f1b:5b5:eeaa:a0ff:fe1b:4d84*Name: p3x-dc.patrikx3.com
Address: 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
Name: p3x-dc.patrikx3.com
Address: 2001:470:1f1b:5b3::20

*Where does Samba with DLZ Bind (correct versions as well) generates this
ip addresses??? *
*I tried everything an it still generates this weird always 192.168.81.120,
when I am not even using this interface.*
*The problem is that when i like wanna use or ping it rotating the ip
address and sometimes i get the wrong. But who is gneerating it?*

*I searched with grep since root (/) and there is no ip address anywhere
192.168.81.120. SO super weird!*

*Patrik*
WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> | NPM
<https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com> | +36
20 342 8046

More information about the samba mailing list