[Samba] split horizon and authoritative answers..?
L.P.H. van Belle
belle at bazuin.nl
Tue Jul 30 08:59:07 UTC 2019
Ah, ok, my thats where its different here.
My setup is AD-DNS => eth0 Server_split_DNS (Proxy) eth1 => internet
> -----Oorspronkelijk bericht-----
> Van: Joachim Lindenberg [mailto:samba at lindenberg.one]
> Verzonden: dinsdag 30 juli 2019 10:44
> Aan: 'L.P.H. van Belle'; samba at lists.samba.org
> Onderwerp: AW: [Samba] split horizon and authoritative answers..?
> Hai Louis,
> unfortunately I think that´s not really an option. My DCs are
> not running on the firewall but as a virtual machine, and
> thus I don´t really see an option for multiple interfaces..
Nope, then thats not needed.
> and also I don´t really want to open port 53 externally.
For that there are firewalls. ;-)
> But I just switched the DNS backend of my 2nd DC from
> internal to bind, and with that split horizon works as I
> already indicated in my first mail.
Ah, i missed that.
> What I am struggling with though is inappropriate
> out-of-the-box apparmor configuration. I resorted to
> aa-complain /usr/sbin/named...
And what did you change exactly.
> any chance that this is going to be improved?
If i know what,i then i can tell.
> Thanks, Joachim
More information about the samba