[Samba] Samba4 Internal DNS and pfSense DNS Resolver
Leonardo Yanes Batista
informatico at alficsa.co.cu
Wed Jul 10 21:20:43 UTC 2019
Thank you all so much for your help.
# [ mailto:sonicsmith at gmail.com | sonicsmith at gmail.com ] you have given me the north to find the solution to my problem. pfSense has a service called DNS Resolver (Unbound), within its configuration has a section called Host Overrides and Domain Overrides. Within Host Overrides, I defined the servers that I have in my DMZ, and within the Domain Overrides table I defined that everything that comes to domain.tld must be redirected to my main domain controller 10.10.20.2 (SAMBA4). Then I configured my clients to use only pfSense as a DNS server, and now I can get DNS replies. Thank you.
From: "Sonic" <sonicsmith at gmail.com>
To: "Leonardo Yanes Batista" <informatico at alficsa.co.cu>
Cc: "samba" <samba at lists.samba.org>
Sent: Wednesday, July 10, 2019 3:53:05 PM
Subject: Re: [Samba] Samba4 Internal DNS and pfSense DNS Resolver
I don't use pfSense but I do use Unbound (pfSense may use it) as a DNS cache for my networks. Basic setup is all clients use the Unbound server for DNS resolution, and Unbound has a stub-zone (or zones) that point(s) to the authoritative DNS server(s) - in some cases it's a Samba AD, in some a Windows AD or in others another authoritative server such as NSD. The authoritative DNS servers do no recursion.
It's quite flexible and if you need/want you can easily inject records and/or hijack domains.
More information about the samba