[Samba] samba dlz. bind9 nslookup is wrong

Patrik alabard at gmail.com
Mon Aug 5 08:55:56 UTC 2019


The dig is wrong as well, it adds an additional IP address, although I have
not requested to use other interfaces:
root@server:/# dig p3x-dc.patrikx3.com

; <<>> DiG 9.11.5-P4-5.1-Debian <<>> p3x-dc.patrikx3.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11190
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 66036a94bb3e1581462f8e255d47eeb6d1035f98f9f46c49 (good)
;; QUESTION SECTION:
;p3x-dc.patrikx3.com. IN A

;; ANSWER SECTION:
p3x-dc.patrikx3.com. 900 IN A 192.168.78.20
*p3x-dc.patrikx3.com. 900 IN A 192.168.81.120*

;; Query time: 0 msec
;; SERVER: 192.168.78.20#53(192.168.78.20)
;; WHEN: Mon Aug 05 10:54:14 CEST 2019
;; MSG SIZE  rcvd: 108


*Patrik*
WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> | NPM
<https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com> | +36
20 342 8046




On Mon, Aug 5, 2019 at 10:52 AM Patrik <alabard at gmail.com> wrote:

> Samba generates an unknown IPv4 and IPv6 address.
> Here are my settings:
>
> root@server:/# ifconfig
> enp1s0f2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>         inet 192.168.81.20  netmask 255.255.255.0  broadcast 192.168.81.255
>         inet6 fe80::21b:21ff:fea6:ce92  prefixlen 64  scopeid 0x20<link>
>         inet6 2001:470:1f1b:5b5:21b:21ff:fea6:ce92  prefixlen 64  scopeid 0x0<global>
>         inet6 2001:470:1f1b:5b5::20  prefixlen 128  scopeid 0x0<global>
>         ether 00:1b:21:a6:ce:92  txqueuelen 1000  (Ethernet)
>         RX packets 107157  bytes 21707511 (20.7 MiB)
>         RX errors 0  dropped 0  overruns 0  frame 0
>         TX packets 150336  bytes 86185199 (82.1 MiB)
>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>         device memory 0xdf080000-df0fffff
>
> *enp1s0f3*: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>         *inet 192.168.78.20  netmask 255.255.255.0  broadcast 192.168.78.255*
>         inet6 fe80::21b:21ff:fea6:ce93  prefixlen 64  scopeid 0x20<link>
>         inet6 2001:470:1f1b:5b3::20  prefixlen 128  scopeid 0x0<global>
>         *inet6 2001:470:1f1b:5b3:21b:21ff:fea6:ce93  prefixlen 64  scopeid 0x0<global>*
>         ether 00:1b:21:a6:ce:93  txqueuelen 1000  (Ethernet)
>         RX packets 791340  bytes 177907393 (169.6 MiB)
>         RX errors 0  dropped 0  overruns 0  frame 0
>         TX packets 1134072  bytes 729814669 (696.0 MiB)
>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>         device memory 0xdf000000-df07ffff
>
> lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
>         inet 127.0.0.1  netmask 255.0.0.0
>         inet6 ::1  prefixlen 128  scopeid 0x10<host>
>         loop  txqueuelen 1000  (Local Loopback)
>         RX packets 197393  bytes 107419197 (102.4 MiB)
>         RX errors 0  dropped 0  overruns 0  frame 0
>         TX packets 197393  bytes 107419197 (102.4 MiB)
>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>
> *My bind settings are correct as well (I wanna use enp1s0f3):*
> root@server:/# cat /etc/bind/named.conf.local
> view "internal-enp1s0f3" {
>     match-clients { "internal-enp1s0f3"; };
>     match-recursive-only yes;
>     recursion yes;
>     allow-recursion { "internal-enp1s0f3"; };
>
>     notify yes;
>     allow-update { none; };
>     allow-query { any; };
>     allow-transfer { xfer; };
>     include "/etc/bind/named.conf.default-zones";
>
>     zone "patrikx3.com" {
>         type master;
>         file "/etc/bind/zones/enp1s0f3/patrikx3.com";
>
> *        include "/var/lib/samba/private/named.conf.update";*
>     };
>
>     zone "corifeus.com" {
>         type master;
>         file "/etc/bind/zones/enp1s0f3/corifeus.com";
>     };
>
>     zone "gitlist.tk" {
>         type master;
>         file "/etc/bind/zones/enp1s0f3/gitlist.tk";
>     };
>
>     zone "albafructus.eu" {
>         type master;
>         file "/etc/bind/zones/enp1s0f3/albafructus.eu";
>     };
>
>
>     zone "fruitinfo.hu" {
>         type master;
>         file "/etc/bind/zones/enp1s0f3/fruitinfo.hu";
>     };
>
>
>     zone "venyimgyumolcse.hu" {
>         type master;
>         file "/etc/bind/zones/enp1s0f3/venyimgyumolcse.hu";
>     };
>
>
> *    include "/var/lib/samba/private/named.conf";*
> };
>
> view "internal-enp1s0f2" {
>     match-clients { "internal-enp1s0f2"; };
>     match-recursive-only yes;
>     recursion yes;
>     allow-recursion { "internal-enp1s0f2"; };
>      notify yes;
>     allow-update { none; };
>     allow-query { any; };
>     allow-transfer { xfer; };
>
>     include "/etc/bind/named.conf.default-zones";
>
>     zone "patrikx3.com" {
>         type master;
>         file "/etc/bind/zones/enp1s0f2/patrikx3.com";
>     };
>
>     zone "corifeus.com" {
>         type master;
>         file "/etc/bind/zones/enp1s0f2/corifeus.com";
>     };
>
>     zone "gitlist.tk" {
>         type master;
>         file "/etc/bind/zones/enp1s0f2/gitlist.tk";
>     };
>
>     zone "albafructus.eu" {
>         type master;
>         file "/etc/bind/zones/enp1s0f2/albafructus.eu";
>     };
>
>     zone "fruitinfo.hu" {
>         type master;
>         file "/etc/bind/zones/enp1s0f2/fruitinfo.hu";
>     };
>
>
>     zone "venyimgyumolcse.hu" {
>         type master;
>         file "/etc/bind/zones/enp1s0f2/venyimgyumolcse.hu";
>     };
>
> };
>
>
> view "external" {
>     match-clients { any; };
>
>     recursion no;
>     additional-from-auth no;
>     additional-from-cache no;
>
> //    allow-transfer { any; }; // temporarily allowed for debugging purposes
>     allow-transfer { none; };
>
> //    zone "namesystem.tk" IN {
> //        type master;
> //        file "/etc/bind/zones/external.namesystem.tk";
> //    };
> };
>
> *My samba looks like this:*
> # Global parameters
> [global]
>
> *bind interfaces only = yes*
> # if this is turned on, always perfect
> # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> #        interfaces = lo 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> # if all interfaces known, order is important, the last is the required
> # interfaces = lo 192.168.78.20 192.168.81.20
>
> # you can see it should only allow on enp1s0f3 which is above
>
> *interfaces = lo enp1s0f3*
> netbios name = SERVER
> realm = P3X-DC.PATRIKX3.COM
> # server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc
> workgroup = P3X-DC
> allow insecure wide links = Yes
> # before was working
> unix extensions = no
> server role = active directory domain controller
> idmap_ldb:use rfc2307 = yes
> comment =
> # log level = 3
> template shell = /bin/bash
> template homedir = /home/%U
>
> [netlogon]
> path = /var/lib/samba/sysvol/p3x-dc.patrikx3.com/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> [media]
>         path = /media
>         read only = no
>         guest ok = no
>         force group = media
>         writable = yes
>
> [mounts]
>         path = /mnt
>         read only = no
>         guest ok = no
>         force group = mount
>         writable = yes
>
> [router-logs]
>         path = /var/log-router
>         read only = yes
>         guest ok = yes
>         writable = no
>         browseable = yes
> #       valid users = router
>         force user = root
>         follow symlinks = yes
>         wide links = yes
>
> Now when I do an nslookup or try to access my domain p3x-dc.patrikx3.com,
> it sometimes gives a wrong IP address:
> root@server:/# nslookup p3x-dc.patrikx3.com
> Server: 192.168.78.20
> Address: 192.168.78.20#53
>
>
>
> *Name: p3x-dc.patrikx3.com*
> *Address: 192.168.81.120*
> Name: p3x-dc.patrikx3.com
> Address: 192.168.78.20
> *Name: p3x-dc.patrikx3.com*
> *Address: 2001:470:1f1b:5b5:eeaa:a0ff:fe1b:4d84*
> Name: p3x-dc.patrikx3.com
> Address: 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> Name: p3x-dc.patrikx3.com
> Address: 2001:470:1f1b:5b3::20
>
> *Where does Samba with DLZ Bind (correct versions as well) generate these
> IP addresses???*
> *I tried everything and it still always generates this weird
> 192.168.81.120, when I am not even using this interface.*
> *The problem is that when I wanna use or ping it, it is rotating the IP
> address and sometimes I get the wrong one. But who is generating it?*
>
> *I searched with grep from root (/) and the IP address 192.168.81.120 is
> not anywhere. SO super weird!*
>
> *Patrik*
> WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> | NPM
> <https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com> | +36
> 20 342 8046
>
>
>
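
The comparison the post makes by eye, as an added example that is not part of the original message: it checks each address returned for p3x-dc.patrikx3.com against the addresses in the posted ifconfig output. The interface lines and answers are copied (trimmed) from the post; the function names and the `allowed` parameter are assumptions of this example.

```python
import ipaddress
import re

# Address lines trimmed from the ifconfig output in the post.
IFCONFIG = """\
enp1s0f2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.81.20  netmask 255.255.255.0  broadcast 192.168.81.255
        inet6 2001:470:1f1b:5b5:21b:21ff:fea6:ce92  prefixlen 64  scopeid 0x0<global>
enp1s0f3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.78.20  netmask 255.255.255.0  broadcast 192.168.78.255
        inet6 2001:470:1f1b:5b3::20  prefixlen 128  scopeid 0x0<global>
        inet6 2001:470:1f1b:5b3:21b:21ff:fea6:ce93  prefixlen 64  scopeid 0x0<global>
"""

# Addresses returned for p3x-dc.patrikx3.com in the post's dig/nslookup output.
ANSWERS = ["192.168.78.20", "192.168.81.120",
           "2001:470:1f1b:5b5:eeaa:a0ff:fe1b:4d84",
           "2001:470:1f1b:5b3:21b:21ff:fea6:ce93", "2001:470:1f1b:5b3::20"]

def parse_ifconfig(text):
    """Return [(ifname, ip_interface)] for every inet/inet6 line."""
    found, ifname = [], None
    for line in text.splitlines():
        head = re.match(r"(\S+): flags=", line)
        addr = re.search(r"inet6? (\S+)\s+(?:netmask (\S+)|prefixlen (\d+))", line)
        if head:
            ifname = head.group(1)
        elif addr and ifname:
            mask = addr.group(2) or addr.group(3)
            found.append((ifname, ipaddress.ip_interface(f"{addr.group(1)}/{mask}")))
    return found

def classify(answer, bound, allowed=("enp1s0f3",)):
    """Label one DNS answer against the addresses bound on this host."""
    ip = ipaddress.ip_address(answer)
    for ifname, iface in bound:
        if iface.ip == ip:
            return "ok" if ifname in allowed else f"bound to {ifname}, not allowed"
    for ifname, iface in bound:
        if iface.version == ip.version and ip in iface.network:
            return f"not bound here; inside {ifname} subnet {iface.network}"
    return "not bound here; no local subnet matches"

def audit(answers=ANSWERS, ifconfig=IFCONFIG):
    bound = parse_ifconfig(ifconfig)  # `allowed` mirrors "interfaces = lo enp1s0f3"
    return {a: classify(a, bound) for a in answers}

if __name__ == "__main__":
    for addr, verdict in audit().items():
        print(f"{addr:40} {verdict}")
```

Both flagged answers fall inside the enp1s0f2 subnets but are not bound to any interface in the posted ifconfig output.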

