[Samba] no DNS functionality on second subnet

Andreas Habel andreas.habel at uis.no
Fri Aug 30 08:42:58 UTC 2019



> -----Original Message-----
> From: samba <samba-bounces at lists.samba.org> On Behalf Of Rowland penny via samba
> Sent: Friday, 30 August 2019 09:57
> To: samba at lists.samba.org
> Subject: Re: [Samba] no DNS functionality on second subnet
> 
> On 30/08/2019 07:00, Andreas Habel via samba wrote:
> > -----Original Message-----
> > From: samba <samba-bounces at lists.samba.org> On Behalf Of Rowland penny via samba
> > Sent: Thursday, 29 August 2019 16:33
> > To: samba at lists.samba.org
> > Subject: Re: [Samba] no DNS functionality on second subnet
> >
> > On 29/08/2019 13:50, Andreas Habel via samba wrote:
> >> Hi,
> >>
> >> we have successfully installed our samba4 AD domain with AD DC, smb
> >> file server and Windows/Linux clients in the same subnet.
> >>
> >> Now we try to add a couple of Windows PCs to the domain that are
> >> located in a different subnet. As soon as the AD DC is added as the
> >> DNS server on the Windows clients it is no longer possible to resolve
> >> ip addresses. In other words, for those PCs DNS is not working.
> >>
> >> We added
> >> - the new clients to our DNS using samba-tool dns add
> >> - a new reverse lookup zone for the new subnet and filled it
> >>   using samba-tool dns add
> >> - a new subnet in RSAT Active Directory Sites and Services
> >>
> >> Routing seems to be OK - we can run telnet <IP of AD DC> 53 from one
> >> of the "new" Windows clients and a connection will be established.
> >> However, analyses from wireshark/tshark show that on DNS requests
> >> there is never an answer from our AD DC.
> >>
> >> It seems that we are missing something here - any help would be
> >> appreciated.
> >>
> >> Andreas [[AH:]]
> >
> > Does 'telnet <DC short hostname> 53' work?
> >
> > Rowland
> >
> > No, neither short name nor FQDN works:
> >
> > C:\Users\Administrator>telnet smbdc 53
> > Connecting To smbdc...Could not open connection to the host, on port 53: Connect failed
> >
> > C:\Users\Administrator>telnet smbdc.ier.ux.uis.no 53
> > Connecting To smbdc.ier.ux.uis.no...Could not open connection to the host, on port 53: Connect failed
> >
> >
> > Andreas
> 
> Then you have DNS problems. Is a firewall running, blocking port 53?
> 
> Do DNS lookup commands on the client work?
> 

No, all kinds of lookups (to the DC, internal or external hosts) fail with a timeout. This applies to clients on the "new" subnet. Lookups work on clients that are on the same subnet as the DC.

Andreas


