[Samba] split horizon and authoritative answers..?

L.P.H. van Belle belle at bazuin.nl
Tue Jul 30 08:59:07 UTC 2019


Ah, ok, my thats where its different here. 

My setup is AD-DNS => eth0 Server_split_DNS (Proxy) eth1 => internet 


> -----Oorspronkelijk bericht-----
> Van: Joachim Lindenberg [mailto:samba at lindenberg.one] 
> Verzonden: dinsdag 30 juli 2019 10:44
> Aan: 'L.P.H. van Belle'; samba at lists.samba.org
> Onderwerp: AW: [Samba] split horizon and authoritative answers..?
> 
> Hai Louis,
> unfortunately I think that´s not really an option. My DCs are 
> not running on the firewall but as a virtual machine, and 
> thus I don´t really see an option for multiple interfaces.. 
Nope, then thats not needed. 

> and also I don´t really want to open port 53 externally.
For that there are firewalls. ;-) 

> But I just switched the DNS backend of my 2nd DC from 
> internal to bind, and with that split horizon works as I 
> already indicated in my first mail. 
Ah, i missed that. 

> What I am struggling with though is inappropriate 
> out-of-the-box apparmor configuration. I resorted to 
> aa-complain /usr/sbin/named... 

Samba version? 
And what did you change exactly. 



> any chance that this is going to be improved?
If i know what,i then i can tell. 

> Thanks, Joachim

Greetz, 

Louis




More information about the samba mailing list