[Samba] no DNS functionality on second subnet

[Rowland penny]

On 30/08/2019 07:00, Andreas Habel via samba wrote:
> -----Original Message-----
> From: samba <samba-bounces at lists.samba.org> On Behalf Of Rowland penny via samba
> Sent: torsdag 29. august 2019 16:33
> To: samba at lists.samba.org
> Subject: Re: [Samba] no DNS functionality on second subnet
>
> On 29/08/2019 13:50, Andreas Habel via samba wrote:
>> Hi,  > > we have successfully installed our samba4 AD domain with AD
>> DC,
> smb > file server and Windows/Linux clients in the same subnet. > > Now we try to add a couple of Windows PCs to the domain that are > located in a different subnet. As soon as the AD DC is added as the > DNS server on the Windows clients it is no longer possible to resolve > ip addresses. In other words, for those PCs DNS is not working. > > We added - the new clients to our DNS using samba-tool dns add > - a new reverse lookup zone for the new subnet and filled it > using samba-tool dns add - a new subnet in RSAT Active > Directory Sites and Services > > Routing seems to be OK - we can run telnet <IP of AD DC> 53 from one > of the "new" Windows clients and a connection will be established. > However, analyses from wireshark/tshark show that on DNS requests > there is never an answer from our AD DC. > > It seems that we are missing something here - any help would be > appreciated. > > Andreas
> [[AH:]]
>
> Does 'telnet <DC short hostname> 53' work ?
>
> Rowland
>
> No, neither short name or FQDN work:
>
> C:\Users\Administrator>telnet smbdc 53
> Connecting To smbdc...Could not open connection to the host, on port 53: Connect failed
>
> C:\Users\Administrator>telnet smbdc.ier.ux.uis.no 53
> Connecting To smbdc.ier.ux.uis.no...Could not open connection to the host, on port 53: Connect failed
>
>
> Andreas

Then you have DNS problems, is a firewall running blocking port 53 ?

Do dns lookup commands on the client work ?

Rowland