[Samba] AD DLZ backend - 'proper' way of doing it

Zdravko Zdravkov nirayah at gmail.com
Fri Jun 28 14:54:27 UTC 2019


re-sending, to the Samba lists as well..

Hi Louis.

Is this setup close to mine? I mean, are those forward records set on
external DNS server, pointing to the Samba?

On Fri, Jun 28, 2019 at 3:06 PM L.P.H. van Belle via samba <
samba at lists.samba.org> wrote:

> Hai,
>
> If the setup is done correctly this should work fine
> Set up a (caching) bind9 dns server and add for every needed zone a
> forward.
>
> zone "primary.dnsdomain.tld" {
>     type forward;
>     forwarders { 192.168.1.2; 192.168.1.1; };
> };
>
> zone "168.192.in-addr.arpa" {
>     type forward;
>     forwarders { 192.168.1.2; 192.168.1.1; };
> };
>
> And you're done.
>
> I use this on my 3 split-networked servers for years now.
>
> Greetz,
>
> Louis
>
>
>
Rowland,

What is '192.168.40.5', this is what replied.


that's my Samba AD server. Just forgot to "mask" it :-)


Also,


> All i can say is, yes, i did notice these slow downs also.
> And after, the change between 4.5-4.8 to 4.9-4.10 is really noticeable.
> Even my users noticed this.



We noticed it as we had a high-traffic FTP server using the samba_dlz DNS
backend. The speeds dropped significantly (iirc 10 times lower download
speeds after 2 weeks of usage).

Also, I'd like to quote Andrew Bartlett from last summer:

> Each DNS lookup takes the Samba DB lock, no matter what the zone.  This
> appears to be the main issue here.
>
> We need to cache the list of zones we have so we don't need to get the
> lock.
> In the meantime, set your FTP server to reference a caching BIND9 that
> only forwards the Samba zone to the Samba DC.
>
>
> Andrew Bartlett



so that's why I configured my setup the way I showed in my first mail here.
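
Added example, not part of the original messages: a caching BIND9 named.conf fragment along the lines described in this thread, reusing the zone names and forwarder addresses from the quoted snippet. The ACL name `lan_clients` and its address ranges are assumptions. `forward only;` is added because BIND's default for a forward zone is `forward first`, which falls back to normal recursion when the forwarders do not answer, so queries for the internal AD zone could then leave the network.

```conf
// Assumed client ranges; adjust to the networks that may use this cache.
acl lan_clients {
    127.0.0.0/8;
    192.168.0.0/16;
};

options {
    recursion yes;
    // Answer and recurse only for known clients, so the cache is not an
    // open resolver.
    allow-query     { lan_clients; };
    allow-recursion { lan_clients; };
};

// Forward only the Samba AD zone to the DCs (addresses from the thread).
// Everything else is resolved and cached by this BIND9 instance, so
// lookups for other zones never reach the Samba DC.
zone "primary.dnsdomain.tld" {
    type forward;
    forward only;    // never fall back to recursion for this zone
    forwarders { 192.168.1.2; 192.168.1.1; };
};

zone "168.192.in-addr.arpa" {
    type forward;
    forward only;
    forwarders { 192.168.1.2; 192.168.1.1; };
};
```

`named-checkconf` validates the syntax before the service is reloaded.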

