[Samba] DNS replication issue

Ilias Chasapakis forumZFD chasapakis at forumZFD.de
Wed Dec 18 13:07:02 UTC 2019


We are setting up 2 AD machines:

New machine with subnet Version
4.10.11-SerNet-Debian-10.buster Bind version 9.11.5

Existing machine 1 with subnet Version
4.10.11-SerNet-Debian-10.stretch Bind version 9.10.3

Existing machine 2 with subnet  Version
4.10.11-SerNet-Debian-10.stretch Bind version 9.10.3

All with BIND_DLZ backend, same /etc/bind/named.conf.options,

This is an extract from /etc/bind/named.conf.options allowing querying:

dnssec-validation no;
    dnssec-enable no;
    dnssec-lookaside no;

    auth-nxdomain no;    # conform to RFC1035

    allow-recursion { any; };
    allow-query { any; };
    allow-query-cache { any; };

    listen-on-v6 { any; };

The only difference between them is in the file


 # For BIND 9.11.x
     database "dlopen

 # For BIND 9.10.x
    # database "dlopen

# For BIND 9.10.x
    # database "dlopen


We created the A and PTR records on the new one and they don´t appear on
the existing ones. If we create them on an existing one instead they
appear on the new one.

Updating an existing machine to debian buster doesn´t help.

Could it be that the versions of bind are different what actually
prevent the new one from being visible i.e. the DNS from

Best regards.

Entschieden für Frieden|Committed to Peace

Ilias Chasapakis

Forum Ziviler Friedensdienst e.V.|Forum Civil Peace Service
Am Kölner Brett 8 | 50825 Köln | Germany

Tel 0221 91273233 | Fax 0221 91273299 |

Vorstand nach § 26 BGB, einzelvertretungsberechtigt|Executive Board:
Oliver Knabe (Vorsitz|Chair), Sonja Wiekenberg-Mlalandle, Alexander Mauz
VR 17651 Amtsgericht Köln

Spenden|Donations: IBAN DE37 3702 0500 0008 2401 01 BIC BFSWDE33XXX

More information about the samba mailing list