[Samba] New DNS-Records not aviable
Christian Naumer
cn at brain-biotech.de
Mon Feb 10 10:13:59 UTC 2020
Funny you should post this now. I was just cleaning up some DNS records
and the following happend.
I had to PTR records with an empty timestamp. I deleted them and wanted
to recreate them.
My reverse Zones are
0.168.192.in-addr.arpa
and
2.168.192.in-addr.arpa
both of the records I delted were in the "0" zone.
The first i recreated with:
samba-tool dns add dc1 0.168.192.in-addr.arpa 212 PTR drac.domain.de
works as expected
samba-tool dns add dc1 0.168.192.in-addr.arpa 80 PTR device.domain.de
And this gets created in the "2" zone.
If I try the same comamnd again it says entry exits. So it really thinks
it is creating in the right zone.
I tried using the Windows DNS tool and it created the entry in the same
wrong zone!
Weird!
I got it to created the right record by expunging all tombstones on all DCs.
I don't know if this is related but it sound similar.
Regards
Christian
Am 10.02.20 um 10:44 schrieb Heinz Hölzl via samba:
> hi again.
>
> after some tests, (on my operational domain and on a new testdomain) i
> detected this behavior:
>
>
>
> on samba 4.11.6 sometimes the new DNS-records finisches on a wrong dns
> zone.
>
> the problem occurs, if more then 5 records are created with the same
> name in more then one domain zone
>
> for example:
> testa1.jupiter.mydom.org
> testa2.jupiter.mydom.org
> testa3.jupiter.mydom.org
> testa4.jupiter.mydom.org
> testa5.jupiter.mydom.org
> testa6.jupiter.mydom.org
> testa7.jupiter.mydom.org
> ...
> testa1.saturn.mydom.org
> testa2.saturn.mydom.org
> testa3.saturn.mydom.org
> te
> sta4.saturn.mydom.org
> testa5.saturn.mydom.org
> testa6.saturn.mydom.org
> test
> a7.saturn.mydom.org
> ...
>
>
>
> can anyone confirm this ?
>
>
>
> To reproduce:
> 1. create a new domain zone (jupiter.mydom.org) and create 10 A records
> (testa1-testa10 -> 192.168.1.1-192.168.1.10 )
> and 10 CNAME (testc1-testc10 -> testa1-testa10) in the new zone
>
>
> samba-tool dns zonecreate dc2 jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa1 A 192.168.1.1
> samba-tool dns add dc2 jupiter.mydom.org testc1 CNAME
> testa1.jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa2 A 192.168.1.2
> samba-tool dns add dc2 jupiter.mydom.org testc2 CNAME
> testa2.jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa3 A 192.168.1.3
> samba-tool dns add dc2 jupiter.mydom.org testc3 CNAME
> testa3.jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa4 A 192.168.1.4
> samba-tool dns add dc2 jupiter.mydom.org testc4 CNAME
> testa4.jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa5 A 192.168.1.5
> samba-tool dns add dc2 jupiter.mydom.org testc5 CNAME
> testa5.jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa6 A 192.168.1.6
> samba-tool dns add dc2 jupiter.mydom.org testc6 CNAME
> testa6.jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa7 A 192.168.1.7
> samba-tool dns add dc2 jupiter.mydom.org testc7 CNAME
> testa7.jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa8 A 192.168.1.8
> samba-tool dns add dc2 jupiter.mydom.org testc8 CNAME
> testa8.jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa9 A 192.168.1.9
> samba-tool dns add dc2 jupiter.mydom.org testc9 CNAME
> testa9.jupiter.mydom.org
> samba-tool dns add dc2 jupiter.mydom.org testa10 A 192.168.1.10
> samba-tool dns add dc2 jupiter.mydom.org testc10 CNAME
> testa10.jupiter.mydom.org
>
>
> The result until here is as expected:
>
> samba-tool dns query dc2 jupiter.mydom.org jupiter.mydom.org all
> Name=, Records=2, Children=0
> SOA: serial=21, refresh=900, retry=600, expire=86400, minttl=3600,
> ns=dc2.mydom.org., email=hostmaster.mydom.org. (flags=600000f0,
> serial=21, ttl=3600)
> NS: dc2.mydom.org. (flags=600000f0, serial=1, ttl=3600)
> Name=testa1, Records=1, Children=0
> A: 192.168.1.1 (flags=f0, serial=2, ttl=900)
> Name=testa10, Records=1, Children=0
> A: 192.168.1.10 (flags=f0, serial=20, ttl=900)
> Name=testa2, Records=1, Children=0
> A: 192.168.1.2 (flags=f0, serial=4, ttl=900)
> Name=testa3, Records=1, Children=0
> A: 192.168.1.3 (flags=f0, serial=6, ttl=900)
> Name=testa4, Records=1, Children=0
> A: 192.168.1.4 (flags=f0, serial=8, ttl=900)
> Name=testa5, Records=1, Children=0
> A: 192.168.1.5 (flags=f0, serial=10, ttl=900)
> Name=testa6, Records=1, Children=0
> A: 192.168.1.6 (flags=f0, serial=12, ttl=900)
> Name=testa7, Records=1, Children=0
> A: 192.168.1.7 (flags=f0, serial=14, ttl=900)
> Name=testa8, Records=1, Children=0
> A: 192.168.1.8 (flags=f0, serial=16, ttl=900)
> Name=testa9, Records=1, Children=0
> A: 192.168.1.9 (flags=f0, serial=18, ttl=900)
> Name=testc1, Records=1, Children=0
> CNAME: testa1.jupiter.mydom.org. (flags=f0, serial=3, ttl=900)
> Name=testc10, Records=1, Children=0
> CNAME: testa10.jupiter.mydom.org. (flags=f0, serial=21, ttl=900)
> Name=testc2, Records=1, Children=0
> CNAME: testa2.jupiter.mydom.org. (flags=f0, serial=5, ttl=900)
> Name=testc3, Records=1, Children=0
> CNAME: testa3.jupiter.mydom.org. (flags=f0, serial=7, ttl=900)
> Name=testc4, Records=1, Children=0
> CNAME: testa4.jupiter.mydom.org. (flags=f0, serial=9, ttl=900)
> Name=testc5, Records=1, Children=0
> CNAME: testa5.jupiter.mydom.org. (flags=f0, serial=11, ttl=900)
> Name=testc6, Records=1, Children=0
> CNAME: testa6.jupiter.mydom.org. (flags=f0, serial=13, ttl=900)
> Name=testc7, Records=1, Children=0
> CNAME: testa7.jupiter.mydom.org. (flags=f0, serial=15, ttl=900)
> Name=testc8, Records=1, Children=0
> CNAME: testa8.jupiter.mydom.org. (flags=f0, serial=17, ttl=900)
> Name=testc9, Records=1, Children=0
> CNAME: testa9.jupiter.mydom.org. (flags=f0, serial=19, ttl=900)
>
>
>
>
> 2. create a other domain zone (saturn.mydom.org) and create the same 10
> A records (testa1-testa10 -> 192.168.2.1-192.168.2.10)
> and the same 10 CNAME (testc1-testc10 -> testa1-testa10) in the
> second zone
>
> now, the first 5 A and the first 5 CNAME goes tho the second zone
> (saturn.mydom.org), but the rest is located in the wrong zone
> (jupiter.mydom.org)
>
> samba-tool dns zonecreate dc2 saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa1 A 192.168.2.1
> samba-tool dns add dc2 saturn.mydom.org testc1 CNAME
> testa1.saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa2 A 192.168.2.2
> samba-tool dns add dc2 saturn.mydom.org testc2 CNAME
> testa2.saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa3 A 192.168.2.3
> samba-tool dns add dc2 saturn.mydom.org testc3 CNAME
> testa3.saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa4 A 192.168.2.4
> samba-tool dns add dc2 saturn.mydom.org testc4 CNAME
> testa4.saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa5 A 192.168.2.5
> samba-tool dns add dc2 saturn.mydom.org testc5 CNAME
> testa5.saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa6 A 192.168.2.6
> samba-tool dns add dc2 saturn.mydom.org testc6 CNAME
> testa6.saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa7 A 192.168.2.7
> samba-tool dns add dc2 saturn.mydom.org testc7 CNAME
> testa7.saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa8 A 192.168.2.8
> samba-tool dns add dc2 saturn.mydom.org testc8 CNAME
> testa8.saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa9 A 192.168.2.9
> samba-tool dns add dc2 saturn.mydom.org testc9 CNAME
> testa9.saturn.mydom.org
> samba-tool dns add dc2 saturn.mydom.org testa10 A 192.168.2.10
> samba-tool dns add dc2 saturn.mydom.org testc10 CNAME
> testa10.saturn.mydom.org
>
>
> Now the new result is:
>
> samba-tool dns query dc2 saturn.mydom.org saturn.mydom.org all
> Name=, Records=2, Children=0
> SOA: serial=21, refresh=900, retry=600, expire=86400, minttl=3600,
> ns=dc2.mydom.org., email=hostmaster.mydom.org. (flags=600000f0,
> serial=21, ttl=3600)
> NS: dc2.mydom.org. (flags=600000f0, serial=1, ttl=3600)
> Name=testa1, Records=1, Children=0
> A: 192.168.2.1 (flags=f0, serial=2, ttl=900)
> Name=testa2, Records=1, Children=0
> A: 192.168.2.2 (flags=f0, serial=4, ttl=900)
> Name=testa3, Records=1, Children=0
> A: 192.168.2.3 (flags=f0, serial=6, ttl=900)
> Name=testa4, Records=1, Children=0
> A: 192.168.2.4 (flags=f0, serial=8, ttl=900)
> Name=testa5, Records=1, Children=0
> A: 192.168.2.5 (flags=f0, serial=10, ttl=900)
> Name=testc1, Records=1, Children=0
> CNAME: testa1.saturn.mydom.org. (flags=f0, serial=3, ttl=900)
> Name=testc2, Records=1, Children=0
> CNAME: testa2.saturn.mydom.org. (flags=f0, serial=5, ttl=900)
> Name=testc3, Records=1, Children=0
> CNAME: testa3.saturn.mydom.org. (flags=f0, serial=7, ttl=900)
> Name=testc4, Records=1, Children=0
> CNAME: testa4.saturn.mydom.org. (flags=f0, serial=9, ttl=900)
> Name=testc5, Records=1, Children=0
> CNAME: testa5.saturn.mydom.org. (flags=f0, serial=11, ttl=900)
>
>
> samba-tool dns query dc2 jupiter.mydom.org jupiter.mydom.org all
> Name=, Records=2, Children=0
> SOA: serial=21, refresh=900, retry=600, expire=86400, minttl=3600,
> ns=dc2.mydom.org., email=hostmaster.mydom.org. (flags=600000f0,
> serial=21, ttl=3600)
> NS: dc2.mydom.org. (flags=600000f0, serial=1, ttl=3600)
> Name=testa1, Records=1, Children=0
> A: 192.168.1.1 (flags=f0, serial=2, ttl=900)
> Name=testa10, Records=2, Children=0
> A: 192.168.1.10 (flags=f0, serial=20, ttl=900)
> A: 192.168.2.10 (flags=f0, serial=20, ttl=900)
> Name=testa2, Records=1, Children=0
> A: 192.168.1.2 (flags=f0, serial=4, ttl=900)
> Name=testa3, Records=1, Children=0
> A: 192.168.1.3 (flags=f0, serial=6, ttl=900)
> Name=testa4, Records=1, Children=0
> A: 192.168.1.4 (flags=f0, serial=8, ttl=900)
> Name=testa5, Records=1, Children=0
> A: 192.168.1.5 (flags=f0, serial=10, ttl=900)
> Name=testa6, Records=2, Children=0
> A: 192.168.1.6 (flags=f0, serial=12, ttl=900)
> A: 192.168.2.6 (flags=f0, serial=12, ttl=900)
> Name=testa7, Records=2, Children=0
> A: 192.168.1.7 (flags=f0, serial=14, ttl=900)
> A: 192.168.2.7 (flags=f0, serial=14, ttl=900)
> Name=testa8, Records=2, Children=0
> A: 192.168.1.8 (flags=f0, serial=16, ttl=900)
> A: 192.168.2.8 (flags=f0, serial=16, ttl=900)
> Name=testa9, Records=2, Children=0
> A: 192.168.1.9 (flags=f0, serial=18, ttl=900)
> A: 192.168.2.9 (flags=f0, serial=18, ttl=900)
> Name=testc1, Records=1, Children=0
> CNAME: testa1.jupiter.mydom.org. (flags=f0, serial=3, ttl=900)
> Name=testc10, Records=2, Children=0
> CNAME: testa10.jupiter.mydom.org. (flags=f0, serial=21, ttl=900)
> CNAME: testa10.saturn.mydom.org. (flags=f0, serial=21, ttl=900)
> Name=testc2, Records=1, Children=0
> CNAME: testa2.jupiter.mydom.org. (flags=f0, serial=5, ttl=900)
> Name=testc3, Records=1, Children=0
> CNAME: testa3.jupiter.mydom.org. (flags=f0, serial=7, ttl=900)
> Name=testc4, Records=1, Children=0
> CNAME: testa4.jupiter.mydom.org. (flags=f0, serial=9, ttl=900)
> Name=testc5, Records=1, Children=0
> CNAME: testa5.jupiter.mydom.org. (flags=f0, serial=11, ttl=900)
> Name=testc6, Records=2, Children=0
> CNAME: testa6.jupiter.mydom.org. (flags=f0, serial=13, ttl=900)
> CNAME: testa6.saturn.mydom.org. (flags=f0, serial=13, ttl=900)
> Name=testc7, Records=2, Children=0
> CNAME: testa7.jupiter.mydom.org. (flags=f0, serial=15, ttl=900)
> CNAME: testa7.saturn.mydom.org. (flags=f0, serial=15, ttl=900)
> Name=testc8, Records=2, Children=0
> CNAME: testa8.jupiter.mydom.org. (flags=f0, serial=17, ttl=900)
> CNAME: testa8.saturn.mydom.org. (flags=f0, serial=17, ttl=900)
> Name=testc9, Records=2, Children=0
> CNAME: testa9.jupiter.mydom.org. (flags=f0, serial=19, ttl=900)
> CNAME: testa9.saturn.mydom.org. (flags=f0, serial=19, ttl=900)
>
>
> Regards,
> Heinz
>
>
>
> Am Donnerstag,
> den 23.01.2020, 09:22 +0000 schrieb Heinz Hölzl via
> samba:
>> Hi,
>>
>> after a downgrade to samba 4.10 everything works fine.
>>
>> How should i proceed now?
>>
>> Regards,
>> Heinz
>>
>> Am Dienstag, den 21.01.2020, 15:48 +0000 schrieb Heinz Hölzl via
>> samba:
>>> Hi list,
>>>
>>> after the upgrade to samba 4.11.4 i have a problem with new added
>>> DNS
>>> records.
>>> If i add a new dns-record, the "samba-tool dns add" returns a
>>> "Record
>>> added successfully" but the new record is not aviable:
>>>
>>> "samba-tool dns query" returns "ERROR: Record or zone does not
>>> exist."
>>>
>>> "nslookup" or "host" returns nothing regarding the added record.
>>>
>>> if i retry to reinsert the new record, i get a
>>> WERR_DNS_ERROR_RECORD_ALREADY_EXISTS
>>>
>>>
>>> I have 4 domain controllers, 2 DCs are working with SAMBA_INTERNAL
>>> -
>>> DNS and 2 DCs are working with BIND9_DLZ.
>>>
>>> I tried also to rejoin a DC ... same issue.
>>>
>>>
>>> Thanks!
>>>
>>> Regards,
>>> Heinz
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> root at dctest2:~# /usr/local/samba/bin/samba-tool dns add dc2
>>> klingons.gvcc.net xy A 172.27.10.32
>>> Record added successfully
>>> root at dctest2:~# /usr/local/samba/bin/samba-tool dns query dc2
>>> klingons.gvcc.net xy A
>>> ERROR: Record or zone does not exist.
>>> root at dctest2:~# host xy.klingons.gvcc.net
>>> Host xy.klingons.gvcc.net not found: 3(NXDOMAIN)
>>> root at dctest2:~# /usr/local/samba/bin/samba-tool dns add dc2
>>> klingons.gvcc.net xy A 172.27.10.32
>>> ERROR(runtime): uncaught exception - (9711,
>>> 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
>>> File "/usr/local/samba/lib/python3.6/site-
>>> packages/samba/netcmd/__init__.py", line 186, in _run
>>> return self.run(*args, **kwargs)
>>> File "/usr/local/samba/lib/python3.6/site-
>>> packages/samba/netcmd/dns.py", line 945, in run
>>> raise e
>>> File "/usr/local/samba/lib/python3.6/site-
>>> packages/samba/netcmd/dns.py", line 941, in run
>>> 0, server, zone, name, add_rec_buf, None)
>>> root at dctest2:~# /usr/local/samba/bin/samba-tool dns delete dc2
>>> klingons.gvcc.net xy A 172.27.10.32
>>> Record deleted successfully
>>> root at dctest2:~#
--
Dr. Christian Naumer
Unit Head Bioprocess Development
B.R.A.I.N Aktiengesellschaft
Darmstaedter Str. 34-36, D-64673 Zwingenberg
e-mail cn at brain-biotech.com, homepage www.brain-biotech.com
fon +49-6251-9331-30 / fax +49-6251-9331-11
Sitz der Gesellschaft: Zwingenberg/Bergstrasse
Registergericht AG Darmstadt, HRB 24758
Vorstand: Adriaan Moelker (Vorstandsvorsitzender),
Manfred Bender, Ludger Roedder
Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen
More information about the samba
mailing list