[Samba] samba dlz. bind9 nslookup is wrong
Patrik
alabard at gmail.com
Mon Aug 5 08:55:56 UTC 2019
the dig is wrong as well, it adds an additional ip address, which i have
not request to use other interfaces:
root at server:/# dig p3x-dc.patrikx3.com
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> p3x-dc.patrikx3.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11190
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 66036a94bb3e1581462f8e255d47eeb6d1035f98f9f46c49 (good)
;; QUESTION SECTION:
;p3x-dc.patrikx3.com. IN A
;; ANSWER SECTION:
p3x-dc.patrikx3.com. 900 IN A 192.168.78.20
*p3x-dc.patrikx3.com <http://p3x-dc.patrikx3.com>. 900 IN A 192.168.81.120*
;; Query time: 0 msec
;; SERVER: 192.168.78.20#53(192.168.78.20)
;; WHEN: Mon Aug 05 10:54:14 CEST 2019
;; MSG SIZE rcvd: 108
*Patrik*
WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> | NPM
<https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com> | +36
20 342 8046
On Mon, Aug 5, 2019 at 10:52 AM Patrik <alabard at gmail.com> wrote:
> samba generates an unknown ip4 and ip6 address.
> here is my settings:
>
> root at server:/# ifconfig
> enp1s0f2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
> inet 192.168.81.20 netmask 255.255.255.0 broadcast 192.168.81.255
> inet6 fe80::21b:21ff:fea6:ce92 prefixlen 64 scopeid 0x20<link>
> inet6 2001:470:1f1b:5b5:21b:21ff:fea6:ce92 prefixlen 64 scopeid
> 0x0<global>
> inet6 2001:470:1f1b:5b5::20 prefixlen 128 scopeid 0x0<global>
> ether 00:1b:21:a6:ce:92 txqueuelen 1000 (Ethernet)
> RX packets 107157 bytes 21707511 (20.7 MiB)
> RX errors 0 dropped 0 overruns 0 frame 0
> TX packets 150336 bytes 86185199 (82.1 MiB)
> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
> device memory 0xdf080000-df0fffff
>
> *enp1s0f3*: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
> * inet 192.168.78.20 netmask 255.255.255.0 broadcast
> 192.168.78.255*
> inet6 fe80::21b:21ff:fea6:ce93 prefixlen 64 scopeid 0x20<link>
> inet6 2001:470:1f1b:5b3::20 prefixlen 128 scopeid 0x0<global>
> * inet6 2001:470:1f1b:5b3:21b:21ff:fea6:ce93 prefixlen 64
> scopeid 0x0<global>*
> ether 00:1b:21:a6:ce:93 txqueuelen 1000 (Ethernet)
> RX packets 791340 bytes 177907393 (169.6 MiB)
> RX errors 0 dropped 0 overruns 0 frame 0
> TX packets 1134072 bytes 729814669 (696.0 MiB)
> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
> device memory 0xdf000000-df07ffff
>
> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
> inet 127.0.0.1 netmask 255.0.0.0
> inet6 ::1 prefixlen 128 scopeid 0x10<host>
> loop txqueuelen 1000 (Local Loopback)
> RX packets 197393 bytes 107419197 (102.4 MiB)
> RX errors 0 dropped 0 overruns 0 frame 0
> TX packets 197393 bytes 107419197 (102.4 MiB)
> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>
> *My bind settings is correct as well (i wanna use enp1s0f3):*
> root at server:/# cat /etc/bind/named.conf.local
> view "internal-enp1s0f3" {
> match-clients { "internal-enp1s0f3"; };
> match-recursive-only yes;
> recursion yes;
> allow-recursion { "internal-enp1s0f3"; };
>
> notify yes;
> allow-update { none; };
> allow-query { any; };
> allow-transfer { xfer; };
> include "/etc/bind/named.conf.default-zones";
>
> zone "patrikx3.com" {
> type master;
> file "/etc/bind/zones/enp1s0f3/patrikx3.com";
>
> * include "/var/lib/samba/private/named.conf.update"; * };
>
> zone "corifeus.com" {
> type master;
> file "/etc/bind/zones/enp1s0f3/corifeus.com";
> };
>
> zone "gitlist.tk" {
> type master;
> file "/etc/bind/zones/enp1s0f3/gitlist.tk";
> };
>
> zone "albafructus.eu" {
> type master;
> file "/etc/bind/zones/enp1s0f3/albafructus.eu";
> };
>
>
> zone "fruitinfo.hu" {
> type master;
> file "/etc/bind/zones/enp1s0f3/fruitinfo.hu";
> };
>
>
> zone "venyimgyumolcse.hu" {
> type master;
> file "/etc/bind/zones/enp1s0f3/venyimgyumolcse.hu";
> };
>
>
> * include "/var/lib/samba/private/named.conf";*};
>
> view "internal-enp1s0f2" {
> match-clients { "internal-enp1s0f2"; };
> match-recursive-only yes;
> recursion yes;
> allow-recursion { "internal-enp1s0f2"; };
> notify yes;
> allow-update { none; };
> allow-query { any; };
> allow-transfer { xfer; };
>
> include "/etc/bind/named.conf.default-zones";
>
> zone "patrikx3.com" {
> type master;
> file "/etc/bind/zones/enp1s0f2/patrikx3.com";
> };
>
> zone "corifeus.com" {
> type master;
> file "/etc/bind/zones/enp1s0f2/corifeus.com";
> };
>
> zone "gitlist.tk" {
> type master;
> file "/etc/bind/zones/enp1s0f2/gitlist.tk";
> };
>
> zone "albafructus.eu" {
> type master;
> file "/etc/bind/zones/enp1s0f2/albafructus.eu";
> };
>
> zone "fruitinfo.hu" {
> type master;
> file "/etc/bind/zones/enp1s0f2/fruitinfo.hu";
> };
>
>
> zone "venyimgyumolcse.hu" {
> type master;
> file "/etc/bind/zones/enp1s0f2/venyimgyumolcse.hu";
> };
>
> };
>
>
> view "external" {
> match-clients { any; };
>
> recursion no;
> additional-from-auth no;
> additional-from-cache no;
>
> // allow-transfer { any; }; // temporarily allowed for debugging
> purposes
> allow-transfer { none; };
>
> // zone "namesystem.tk" IN {
> // type master;
> // file "/etc/bind/zones/external.namesystem.tk";
> // };
> };
>
> *My samba looks like this:*
> # Global parameters
> [global]
>
> * bind interfaces only = yes*# if this is turned on, always perfect
> # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> # interfaces = lo 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> # if all interfaces known, order is important, the last is the required
> # interfaces = lo 192.168.78.20 192.168.81.20
>
> # you can see it is should only allow on enp1s0f3 which is above
>
> *interfaces = lo enp1s0f3* netbios name = SERVER
> realm = P3X-DC.PATRIKX3.COM
> # server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbindd, ntp_signd, kcc, dnsupdate
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbindd, ntp_signd, kcc
> workgroup = P3X-DC
> allow insecure wide links = Yes
> # before was working
> unix extensions = no
> server role = active directory domain controller
> idmap_ldb:use rfc2307 = yes
> comment =
> # log level = 3
> template shell = /bin/bash
> template homedir = /home/%U
>
> [netlogon]
> path = /var/lib/samba/sysvol/p3x-dc.patrikx3.com/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> [media]
> path = /media
> read only = no
> guest ok = no
> force group = media
> writable = yes
>
> [mounts]
> path = /mnt
> read only = no
> guest ok = no
> force group = mount
> writable = yes
>
> [router-logs]
> path = /var/log-router
> read only = yes
> guest ok = yes
> writable = no
> browseable = yes
> # valid users = router
> force user = root
> follow symlinks = yes
> wide links = yes
>
> Now when i do an nslookup or try to access my domain p3x-dc.patrikx3.com,
> it sometimes giving a wrong ip address:
> root at server:/# nslookup p3x-dc.patrikx3.com
> Server: 192.168.78.20
> Address: 192.168.78.20#53
>
>
>
> *Name: p3x-dc.patrikx3.com <http://p3x-dc.patrikx3.com>Address:
> 192.168.81.120*Name: p3x-dc.patrikx3.com
> Address: 192.168.78.20
>
>
> *Name: p3x-dc.patrikx3.com <http://p3x-dc.patrikx3.com>Address:
> 2001:470:1f1b:5b5:eeaa:a0ff:fe1b:4d84*Name: p3x-dc.patrikx3.com
> Address: 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> Name: p3x-dc.patrikx3.com
> Address: 2001:470:1f1b:5b3::20
>
> *Where does Samba with DLZ Bind (correct versions as well) generates this
> ip addresses??? *
> *I tried everything an it still generates this weird always
> 192.168.81.120, when I am not even using this interface.*
> *The problem is that when i like wanna use or ping it rotating the ip
> address and sometimes i get the wrong. But who is gneerating it?*
>
> *I searched with grep since root (/) and there is no ip address anywhere
> 192.168.81.120. SO super weird!*
>
> *Patrik*
> WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> | NPM
> <https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com> | +36
> 20 342 8046
>
>
>
More information about the samba
mailing list