[Samba] tons of dns errors in log.samba

Andrew Bartlett abartlet at samba.org
Tue Dec 1 17:39:31 UTC 2020


The error isn't about a zone update, it is about a failure to marshal a
packet:

		/* If you have run out of forwarders, simply finish */
		if (state->forwarders == NULL) {
			werr2 = add_zone_authority_record(state->dns,
							  state,
							  state->question,
							  &state->nsrecs);
			if (tevent_req_werror(req, werr2)) {
				DBG_WARNING("Failed to add SOA record: %s\n",
					    win_errstr(werr2));
				return;
			}

Now I've not looked into what can cause this, but look into your DNS
forwarders in the smb.conf.

Andrew Bartlett

On Tue, 2020-12-01 at 17:21 +0800, Adam Xu via samba wrote:
> Hi All
> 
> I try to use tcpdump to check the network packets. It shows a lot of
> requests like:
> 
> 192.168.60.73.56606 > dc1.example.com.domain: 56064 update [1a] [3n] SOA? example.com. (102)
> 
> I don't know why so many domain members try to update the SOA record.
> 
> What are the possible causes of this situation?
> 
> On 2020/11/27 8:40, Adam Xu via samba wrote:
> > On 2020/11/26 17:59, Rowland penny via samba wrote:
> > > On 26/11/2020 08:17, Adam Xu via samba wrote:
> > > > Hi everybody
> > > > 
> > > > any help?
> > > > 
> > > > On 2020/11/25 8:50, Adam Xu via samba wrote:
> > > > > Hi samba devs
> > > > > 
> > > > > My samba AD DC has worked for several years. I upgraded it
> > > > > from 4.6 to 4.7 to 4.8 .... and now its version is 4.12.10.
> > > > > 
> > > > > My OS is centos7 and I use the sernet samba repo.
> > > > > 
> > > > > Yesterday, I saw that my log.samba file was very large. tons
> > > > > of 
> > > > > errors like:
> > > > > 
> > > > > [2020/11/25 08:35:09.299194,  1] ../../source4/dns_server/dns_query.c:1141(dns_server_process_query_got_auth)
> > > > >   dns_server_process_query_got_auth: Failed to add SOA record: WERR_DNS_ERROR_RCODE_FORMAT_ERROR
> > > > > [2020/11/25 08:35:09.315638,  1] ../../source4/dns_server/dns_query.c:1141(dns_server_process_query_got_auth)
> > > > >   dns_server_process_query_got_auth: Failed to add SOA record: WERR_DNS_ERROR_RCODE_FORMAT_ERROR
> > > > > [2020/11/25 08:35:09.733265,  1] ../../source4/dns_server/dns_query.c:1141(dns_server_process_query_got_auth)
> > > > >   dns_server_process_query_got_auth: Failed to add SOA record: WERR_DNS_ERROR_RCODE_FORMAT_ERROR
> > > > > [2020/11/25 08:35:09.822746,  1] ../../source4/dns_server/dns_query.c:1141(dns_server_process_query_got_auth)
> > > > >   dns_server_process_query_got_auth: Failed to add SOA record: WERR_DNS_ERROR_RCODE_FORMAT_ERROR
> > > > > 
> > > > > about 3 log entries per second.
> > > > > 
> > > > > here's the smb.conf file:
> > > > > 
> > > > > [global]
> > > > >     netbios name = DC1
> > > > >     realm = EXAMPLE.COM
> > > > >     workgroup = EXAMPLE
> > > > >     dns forwarder = 119.29.29.29 8.8.4.4
> > > > >     server role = active directory domain controller
> > > > >     idmap_ldb:use rfc2307 = yes
> > > > >     rpc server port = 49152
> > > > >     rpc server port:netlogon = 49153
> > > > >     rpc server port:drsuapi = 49154
> > > > >     log level = 1 auth_json_audit:3@/var/log/samba/auth.log
> > > > >     ntlm auth = mschapv2-and-ntlmv2-only
> > > > > 
> > > > > [netlogon]
> > > > >     path = /var/lib/samba/sysvol/adagene.cn/scripts
> > > > >     read only = No
> > > > > 
> > > > > [sysvol]
> > > > >     path = /var/lib/samba/sysvol
> > > > >     read only = No
> > > > > 
> > > > > If I block port 53, the error log will stop.
> > > > > 
> > > > > Although there are tons of dns errors, my AD works OK now.
> > > > > 
> > > > > Can anyone tell me what causes so many error logs? Does that
> > > > > matter?
> > > > > 
> > > It sounds like something is sending a malformed request and your
> > > dns 
> > > server is rejecting it, have you recently added another DC ?
> > 
> > yes, I added a RODC recently.  And I have 2 RW DCs and 1 RODC now.
> > 
> > SOA record is dc1.example.com.
> > 
> > > Rowland
> > > 
> > > 
> > > 
-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba
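
To measure how often this warning fires, and to confirm whether a change to the forwarders makes it stop, the two-line log.samba entries quoted in this thread can be grouped by function and WERR code with a peak per-second rate. This is an added example, not part of the original messages or of Samba itself; the sample input is constructed from the quoted entries, and the header regex assumes the default layout shown in the thread.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Entry header as quoted in the thread:
#   [YYYY/MM/DD HH:MM:SS.uuuuuu,  level] file.c:line(function)
HEADER = re.compile(
    r"^\[(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d)\.\d+,\s*\d+\]\s+"
    r"\S+:\d+\((?P<func>\w+)\)\s*$")
WERR = re.compile(r"\bWERR_\w+")

def parse_entries(lines):
    """Yield (second, function, message) for each header plus its body lines."""
    current = None
    for raw in lines:
        m = HEADER.match(raw)
        if m:
            if current:
                yield current[0], current[1], " ".join(current[2])
            ts = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S")
            current = (ts, m["func"], [])
        elif current and raw.strip():
            current[2].append(raw.strip())
    if current:
        yield current[0], current[1], " ".join(current[2])

def summarise(lines):
    """Per (function, WERR code): total count, peak entries per second, time span."""
    buckets = defaultdict(Counter)
    for ts, func, msg in parse_entries(lines):
        code = WERR.search(msg)
        buckets[(func, code.group(0) if code else "-")][ts] += 1
    return {key: {"count": sum(c.values()), "peak_per_sec": max(c.values()),
                  "first": min(c), "last": max(c)}
            for key, c in buckets.items()}

# Constructed sample: the four entries quoted in the thread plus one invented
# entry a second later, so total count and peak rate differ.
HDR = ("[2020/11/25 08:35:%s,  1] ../../source4/dns_server/"
       "dns_query.c:1141(dns_server_process_query_got_auth)")
BODY = ("  dns_server_process_query_got_auth: Failed to add SOA record: "
        "WERR_DNS_ERROR_RCODE_FORMAT_ERROR")
STAMPS = ("09.299194", "09.315638", "09.733265", "09.822746", "10.000001")
SAMPLE = [line for s in STAMPS for line in (HDR % s, BODY)]

if __name__ == "__main__":
    for (func, code), s in summarise(SAMPLE).items():
        print(f"{s['count']:5d} total, peak {s['peak_per_sec']}/s, "
              f"{s['first']:%H:%M:%S}-{s['last']:%H:%M:%S}  {func}  {code}")
```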




