[Samba] Samba + BIND9 DLZ. DNS doesn't resolve FQDN, only short hostname
L.P.H. van Belle
belle at bazuin.nl
Wed Feb 20 10:17:05 UTC 2019
> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of Mgr.
> Peter Tuharsky via samba
> Sent: Wednesday 20 February 2019 10:28
> To: samba at lists.samba.org
> Subject: Re: [Samba] Samba + BIND9 DLZ. DNS doesn't resolve
> FQDN, only short hostname
> Well, the mystery is solved. It WAS Avahi, in a way...
This is said wrong. ...
> Even though it was disabled as a daemon,
> it still haunted the system by the means of nsswitch.conf
> In the 'hosts' line, the Debian default entry 'mdns4_minimal
> [NOTFOUND=return]' does exactly what we don't want - for
> .local domains
> it asks Avahi and if it doesn't know, it never asks the other
> such as dns etc.
And wrong is `the domain is .local`
Why o why is .local used. That is a reserved name for mDNS (avahi).. Yes.
So what happened here is TOTALLY CORRECT. Here the problem is you are using .local
> I hope the documentation (Wiki) should be more vocal about that - that
> if the domain is .local, the 'dns' entry MUST precede 'mdns4_minimal'
> and 'mdns4' entries.
Possible yes, but if correctly set up, not needed.
And a bit ahead thinking people... Future systems will mostly use systemd, whether we like it or not.
Then if systemd is used correctly and you use the systemd-resolved, you get this.
A random new server I'm setting up, not a samba server, but that's not the point, the point is resolving,
And what you see in this output.
sudo resolvectl ( the defaults )
LLMNR setting: yes
MulticastDNS setting: yes
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Fallback DNS Servers: 220.127.116.11
DNSSEC NTA: 10.in-addr.arpa
So what you shouldn't be using for samba domains:
More ahead, about LLMNR
Network Basic Input/Output System (NetBIOS)
Peer Name Resolution Protocol (PNRP)
Multicast DNS (mDNS)
Zero-configuration networking (Zeroconf)
Now mix this and what do you get.
Samba + avahi and the use for LLMNR to replace netbios.
But is this what you want..
I don't think so.
Read : https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/
So why again is it so important to have a perfect dns setup.....
So you don't have to use LLMNR or netbios anymore.
But if you set up correctly, avahi and dns can exist fine on a samba network.
But again, this is my personal opinion, not recommended.
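
Added example, not part of the original message or of the Samba documentation: a small Python check for the nsswitch.conf behaviour discussed in this thread, reporting which 'hosts' entry ends a failed .local lookup before 'dns' is consulted. The function names and the two sample lines are constructed for illustration, and the check assumes every service ahead of 'dns' answers NOTFOUND for the AD host name.

```python
import re

# Constructed samples: the Debian default 'hosts' line quoted in the thread,
# and a reordered line with 'dns' ahead of the mdns entries.
DEBIAN_DEFAULT = "passwd: files\nhosts: files mdns4_minimal [NOTFOUND=return] dns\n"
DNS_FIRST = "hosts: files dns mdns4_minimal [NOTFOUND=return] mdns4  # reordered\n"


def parse_hosts(nsswitch_text):
    """Return [(service, {STATUS: action})] from the 'hosts:' line."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line.lower().startswith("hosts:"):
            continue
        chain = []
        for service, bracket in re.findall(r"([A-Za-z0-9_]+)|\[([^\]]*)\]", line[6:]):
            if service:
                chain.append((service, {}))
            elif chain:  # an action list applies to the service before it
                for item in bracket.split():
                    status, _, action = item.partition("=")
                    chain[-1][1][status.upper()] = action.lower()
        return chain
    return []


def notfound_action(actions):
    """Action taken when a service answers NOTFOUND (glibc default: continue)."""
    if "NOTFOUND" in actions:
        return actions["NOTFOUND"]
    for status, action in actions.items():
        if status.startswith("!") and status != "!NOTFOUND":
            return action  # e.g. '!UNAVAIL=return' also covers NOTFOUND
    return "continue"


def blocker_before_dns(nsswitch_text):
    """Name the service that ends a failed .local lookup before 'dns' is asked.

    Assumption: every service ahead of 'dns' answers NOTFOUND for the name.
    Returns None when 'dns' is reached, or 'no dns entry' when it is absent.
    """
    for service, actions in parse_hosts(nsswitch_text):
        if service == "dns":
            return None
        if notfound_action(actions) == "return":
            return service
    return "no dns entry"
```

On a domain member, pass the contents of /etc/nsswitch.conf to blocker_before_dns(); any result other than None means the DNS server is never asked for names the earlier services do not know.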