[Samba] New DNS-Records not available
Christian Naumer
cn at brain-biotech.de
Mon Feb 10 15:17:24 UTC 2020
After some more digging it looks like this:
I will try to explain.
I have two reverse zones:
0.168.192.in-addr.arpa
2.168.192.in-addr.arpa
I create a new entry with
samba-tool dns add dc1 0.168.192.in-addr.arpa 157 PTR xxxxxx.domain.de
This works only if 157.2.168.192.in-addr.arpa (pointing to any other
host) does not exist. If it does, the entry is created again.
157.2.168.192.in-addr.arpa pointing to xxxxxx.
If there is no entry in the 2.168.192.in-addr.arpa zone then the entry
is correctly created in the 0.168.192.in-addr.arpa zone.
Can someone reproduce this?
On 10.02.20 at 11:13, Christian Naumer via samba wrote:
> Funny you should post this now. I was just cleaning up some DNS records
> and the following happened.
> I had two PTR records with an empty timestamp. I deleted them and wanted
> to recreate them.
> My reverse Zones are
>
> 0.168.192.in-addr.arpa
>
> and
>
> 2.168.192.in-addr.arpa
>
>
> Both of the records I deleted were in the "0" zone.
>
> The first I recreated with:
>
> samba-tool dns add dc1 0.168.192.in-addr.arpa 212 PTR drac.domain.de
>
> works as expected
>
> samba-tool dns add dc1 0.168.192.in-addr.arpa 80 PTR device.domain.de
>
> And this gets created in the "2" zone.
>
> If I try the same command again it says entry exists. So it really thinks
> it is creating in the right zone.
>
> I tried using the Windows DNS tool and it created the entry in the same
> wrong zone!
>
> Weird!
>
> I got it to create the right record by expunging all tombstones on all DCs.
>
> I don't know if this is related but it sounds similar.
>
> Regards
>
>
> Christian
>
>
>
> On 10.02.20 at 10:44, Heinz Hölzl via samba wrote:
>> hi again.
>>
>> After some tests (on my operational domain and on a new test domain) I
>> detected this behavior:
>>
>>
>>
>> On samba 4.11.6 the new DNS records sometimes end up in a wrong DNS
>> zone.
>>
>> The problem occurs if more than 5 records are created with the same
>> name in more than one domain zone
>>
>> for example:
>> testa1.jupiter.mydom.org
>> testa2.jupiter.mydom.org
>> testa3.jupiter.mydom.org
>> testa4.jupiter.mydom.org
>> testa5.jupiter.mydom.org
>> testa6.jupiter.mydom.org
>> testa7.jupiter.mydom.org
>> ...
>> testa1.saturn.mydom.org
>> testa2.saturn.mydom.org
>> testa3.saturn.mydom.org
>> testa4.saturn.mydom.org
>> testa5.saturn.mydom.org
>> testa6.saturn.mydom.org
>> testa7.saturn.mydom.org
>> ...
>>
>>
>>
>> can anyone confirm this ?
>>
>>
>>
>> To reproduce:
>> 1. create a new domain zone (jupiter.mydom.org) and create 10 A records
>> (testa1-testa10 -> 192.168.1.1-192.168.1.10 )
>> and 10 CNAME (testc1-testc10 -> testa1-testa10) in the new zone
>>
>>
>> samba-tool dns zonecreate dc2 jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa1 A 192.168.1.1
>> samba-tool dns add dc2 jupiter.mydom.org testc1 CNAME testa1.jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa2 A 192.168.1.2
>> samba-tool dns add dc2 jupiter.mydom.org testc2 CNAME testa2.jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa3 A 192.168.1.3
>> samba-tool dns add dc2 jupiter.mydom.org testc3 CNAME testa3.jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa4 A 192.168.1.4
>> samba-tool dns add dc2 jupiter.mydom.org testc4 CNAME testa4.jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa5 A 192.168.1.5
>> samba-tool dns add dc2 jupiter.mydom.org testc5 CNAME testa5.jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa6 A 192.168.1.6
>> samba-tool dns add dc2 jupiter.mydom.org testc6 CNAME testa6.jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa7 A 192.168.1.7
>> samba-tool dns add dc2 jupiter.mydom.org testc7 CNAME testa7.jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa8 A 192.168.1.8
>> samba-tool dns add dc2 jupiter.mydom.org testc8 CNAME testa8.jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa9 A 192.168.1.9
>> samba-tool dns add dc2 jupiter.mydom.org testc9 CNAME testa9.jupiter.mydom.org
>> samba-tool dns add dc2 jupiter.mydom.org testa10 A 192.168.1.10
>> samba-tool dns add dc2 jupiter.mydom.org testc10 CNAME testa10.jupiter.mydom.org
>>
>>
>> The result until here is as expected:
>>
>> samba-tool dns query dc2 jupiter.mydom.org jupiter.mydom.org all
>> Name=, Records=2, Children=0
>> SOA: serial=21, refresh=900, retry=600, expire=86400, minttl=3600,
>> ns=dc2.mydom.org., email=hostmaster.mydom.org. (flags=600000f0,
>> serial=21, ttl=3600)
>> NS: dc2.mydom.org. (flags=600000f0, serial=1, ttl=3600)
>> Name=testa1, Records=1, Children=0
>> A: 192.168.1.1 (flags=f0, serial=2, ttl=900)
>> Name=testa10, Records=1, Children=0
>> A: 192.168.1.10 (flags=f0, serial=20, ttl=900)
>> Name=testa2, Records=1, Children=0
>> A: 192.168.1.2 (flags=f0, serial=4, ttl=900)
>> Name=testa3, Records=1, Children=0
>> A: 192.168.1.3 (flags=f0, serial=6, ttl=900)
>> Name=testa4, Records=1, Children=0
>> A: 192.168.1.4 (flags=f0, serial=8, ttl=900)
>> Name=testa5, Records=1, Children=0
>> A: 192.168.1.5 (flags=f0, serial=10, ttl=900)
>> Name=testa6, Records=1, Children=0
>> A: 192.168.1.6 (flags=f0, serial=12, ttl=900)
>> Name=testa7, Records=1, Children=0
>> A: 192.168.1.7 (flags=f0, serial=14, ttl=900)
>> Name=testa8, Records=1, Children=0
>> A: 192.168.1.8 (flags=f0, serial=16, ttl=900)
>> Name=testa9, Records=1, Children=0
>> A: 192.168.1.9 (flags=f0, serial=18, ttl=900)
>> Name=testc1, Records=1, Children=0
>> CNAME: testa1.jupiter.mydom.org. (flags=f0, serial=3, ttl=900)
>> Name=testc10, Records=1, Children=0
>> CNAME: testa10.jupiter.mydom.org. (flags=f0, serial=21, ttl=900)
>> Name=testc2, Records=1, Children=0
>> CNAME: testa2.jupiter.mydom.org. (flags=f0, serial=5, ttl=900)
>> Name=testc3, Records=1, Children=0
>> CNAME: testa3.jupiter.mydom.org. (flags=f0, serial=7, ttl=900)
>> Name=testc4, Records=1, Children=0
>> CNAME: testa4.jupiter.mydom.org. (flags=f0, serial=9, ttl=900)
>> Name=testc5, Records=1, Children=0
>> CNAME: testa5.jupiter.mydom.org. (flags=f0, serial=11, ttl=900)
>> Name=testc6, Records=1, Children=0
>> CNAME: testa6.jupiter.mydom.org. (flags=f0, serial=13, ttl=900)
>> Name=testc7, Records=1, Children=0
>> CNAME: testa7.jupiter.mydom.org. (flags=f0, serial=15, ttl=900)
>> Name=testc8, Records=1, Children=0
>> CNAME: testa8.jupiter.mydom.org. (flags=f0, serial=17, ttl=900)
>> Name=testc9, Records=1, Children=0
>> CNAME: testa9.jupiter.mydom.org. (flags=f0, serial=19, ttl=900)
>>
>>
>>
>>
>> 2. create another domain zone (saturn.mydom.org) and create the same 10
>> A records (testa1-testa10 -> 192.168.2.1-192.168.2.10)
>> and the same 10 CNAME (testc1-testc10 -> testa1-testa10) in the
>> second zone
>>
>> Now the first 5 A and the first 5 CNAME go to the second zone
>> (saturn.mydom.org), but the rest is located in the wrong zone
>> (jupiter.mydom.org)
>>
>> samba-tool dns zonecreate dc2 saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa1 A 192.168.2.1
>> samba-tool dns add dc2 saturn.mydom.org testc1 CNAME testa1.saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa2 A 192.168.2.2
>> samba-tool dns add dc2 saturn.mydom.org testc2 CNAME testa2.saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa3 A 192.168.2.3
>> samba-tool dns add dc2 saturn.mydom.org testc3 CNAME testa3.saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa4 A 192.168.2.4
>> samba-tool dns add dc2 saturn.mydom.org testc4 CNAME testa4.saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa5 A 192.168.2.5
>> samba-tool dns add dc2 saturn.mydom.org testc5 CNAME testa5.saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa6 A 192.168.2.6
>> samba-tool dns add dc2 saturn.mydom.org testc6 CNAME testa6.saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa7 A 192.168.2.7
>> samba-tool dns add dc2 saturn.mydom.org testc7 CNAME testa7.saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa8 A 192.168.2.8
>> samba-tool dns add dc2 saturn.mydom.org testc8 CNAME testa8.saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa9 A 192.168.2.9
>> samba-tool dns add dc2 saturn.mydom.org testc9 CNAME testa9.saturn.mydom.org
>> samba-tool dns add dc2 saturn.mydom.org testa10 A 192.168.2.10
>> samba-tool dns add dc2 saturn.mydom.org testc10 CNAME testa10.saturn.mydom.org
>>
>>
>> Now the new result is:
>>
>> samba-tool dns query dc2 saturn.mydom.org saturn.mydom.org all
>> Name=, Records=2, Children=0
>> SOA: serial=21, refresh=900, retry=600, expire=86400, minttl=3600,
>> ns=dc2.mydom.org., email=hostmaster.mydom.org. (flags=600000f0,
>> serial=21, ttl=3600)
>> NS: dc2.mydom.org. (flags=600000f0, serial=1, ttl=3600)
>> Name=testa1, Records=1, Children=0
>> A: 192.168.2.1 (flags=f0, serial=2, ttl=900)
>> Name=testa2, Records=1, Children=0
>> A: 192.168.2.2 (flags=f0, serial=4, ttl=900)
>> Name=testa3, Records=1, Children=0
>> A: 192.168.2.3 (flags=f0, serial=6, ttl=900)
>> Name=testa4, Records=1, Children=0
>> A: 192.168.2.4 (flags=f0, serial=8, ttl=900)
>> Name=testa5, Records=1, Children=0
>> A: 192.168.2.5 (flags=f0, serial=10, ttl=900)
>> Name=testc1, Records=1, Children=0
>> CNAME: testa1.saturn.mydom.org. (flags=f0, serial=3, ttl=900)
>> Name=testc2, Records=1, Children=0
>> CNAME: testa2.saturn.mydom.org. (flags=f0, serial=5, ttl=900)
>> Name=testc3, Records=1, Children=0
>> CNAME: testa3.saturn.mydom.org. (flags=f0, serial=7, ttl=900)
>> Name=testc4, Records=1, Children=0
>> CNAME: testa4.saturn.mydom.org. (flags=f0, serial=9, ttl=900)
>> Name=testc5, Records=1, Children=0
>> CNAME: testa5.saturn.mydom.org. (flags=f0, serial=11, ttl=900)
>>
>>
>> samba-tool dns query dc2 jupiter.mydom.org jupiter.mydom.org all
>> Name=, Records=2, Children=0
>> SOA: serial=21, refresh=900, retry=600, expire=86400, minttl=3600,
>> ns=dc2.mydom.org., email=hostmaster.mydom.org. (flags=600000f0,
>> serial=21, ttl=3600)
>> NS: dc2.mydom.org. (flags=600000f0, serial=1, ttl=3600)
>> Name=testa1, Records=1, Children=0
>> A: 192.168.1.1 (flags=f0, serial=2, ttl=900)
>> Name=testa10, Records=2, Children=0
>> A: 192.168.1.10 (flags=f0, serial=20, ttl=900)
>> A: 192.168.2.10 (flags=f0, serial=20, ttl=900)
>> Name=testa2, Records=1, Children=0
>> A: 192.168.1.2 (flags=f0, serial=4, ttl=900)
>> Name=testa3, Records=1, Children=0
>> A: 192.168.1.3 (flags=f0, serial=6, ttl=900)
>> Name=testa4, Records=1, Children=0
>> A: 192.168.1.4 (flags=f0, serial=8, ttl=900)
>> Name=testa5, Records=1, Children=0
>> A: 192.168.1.5 (flags=f0, serial=10, ttl=900)
>> Name=testa6, Records=2, Children=0
>> A: 192.168.1.6 (flags=f0, serial=12, ttl=900)
>> A: 192.168.2.6 (flags=f0, serial=12, ttl=900)
>> Name=testa7, Records=2, Children=0
>> A: 192.168.1.7 (flags=f0, serial=14, ttl=900)
>> A: 192.168.2.7 (flags=f0, serial=14, ttl=900)
>> Name=testa8, Records=2, Children=0
>> A: 192.168.1.8 (flags=f0, serial=16, ttl=900)
>> A: 192.168.2.8 (flags=f0, serial=16, ttl=900)
>> Name=testa9, Records=2, Children=0
>> A: 192.168.1.9 (flags=f0, serial=18, ttl=900)
>> A: 192.168.2.9 (flags=f0, serial=18, ttl=900)
>> Name=testc1, Records=1, Children=0
>> CNAME: testa1.jupiter.mydom.org. (flags=f0, serial=3, ttl=900)
>> Name=testc10, Records=2, Children=0
>> CNAME: testa10.jupiter.mydom.org. (flags=f0, serial=21, ttl=900)
>> CNAME: testa10.saturn.mydom.org. (flags=f0, serial=21, ttl=900)
>> Name=testc2, Records=1, Children=0
>> CNAME: testa2.jupiter.mydom.org. (flags=f0, serial=5, ttl=900)
>> Name=testc3, Records=1, Children=0
>> CNAME: testa3.jupiter.mydom.org. (flags=f0, serial=7, ttl=900)
>> Name=testc4, Records=1, Children=0
>> CNAME: testa4.jupiter.mydom.org. (flags=f0, serial=9, ttl=900)
>> Name=testc5, Records=1, Children=0
>> CNAME: testa5.jupiter.mydom.org. (flags=f0, serial=11, ttl=900)
>> Name=testc6, Records=2, Children=0
>> CNAME: testa6.jupiter.mydom.org. (flags=f0, serial=13, ttl=900)
>> CNAME: testa6.saturn.mydom.org. (flags=f0, serial=13, ttl=900)
>> Name=testc7, Records=2, Children=0
>> CNAME: testa7.jupiter.mydom.org. (flags=f0, serial=15, ttl=900)
>> CNAME: testa7.saturn.mydom.org. (flags=f0, serial=15, ttl=900)
>> Name=testc8, Records=2, Children=0
>> CNAME: testa8.jupiter.mydom.org. (flags=f0, serial=17, ttl=900)
>> CNAME: testa8.saturn.mydom.org. (flags=f0, serial=17, ttl=900)
>> Name=testc9, Records=2, Children=0
>> CNAME: testa9.jupiter.mydom.org. (flags=f0, serial=19, ttl=900)
>> CNAME: testa9.saturn.mydom.org. (flags=f0, serial=19, ttl=900)
>>
>>
>> Regards,
>> Heinz
>>
>>
>>
>> On Thursday, 23.01.2020, 09:22 +0000, Heinz Hölzl via samba wrote:
>>> Hi,
>>>
>>> after a downgrade to samba 4.10 everything works fine.
>>>
>>> How should I proceed now?
>>>
>>> Regards,
>>> Heinz
>>>
>>> On Tuesday, 21.01.2020, 15:48 +0000, Heinz Hölzl via samba wrote:
>>>> Hi list,
>>>>
>>>> After the upgrade to samba 4.11.4 I have a problem with newly added
>>>> DNS records.
>>>> If I add a new DNS record, the "samba-tool dns add" returns a
>>>> "Record added successfully" but the new record is not available:
>>>>
>>>> "samba-tool dns query" returns "ERROR: Record or zone does not exist."
>>>>
>>>> "nslookup" or "host" returns nothing regarding the added record.
>>>>
>>>> If I retry to reinsert the new record, I get a
>>>> WERR_DNS_ERROR_RECORD_ALREADY_EXISTS
>>>>
>>>>
>>>> I have 4 domain controllers, 2 DCs are working with SAMBA_INTERNAL -
>>>> DNS and 2 DCs are working with BIND9_DLZ.
>>>>
>>>> I tried also to rejoin a DC ... same issue.
>>>>
>>>>
>>>> Thanks!
>>>>
>>>> Regards,
>>>> Heinz
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> root@dctest2:~# /usr/local/samba/bin/samba-tool dns add dc2 klingons.gvcc.net xy A 172.27.10.32
>>>> Record added successfully
>>>> root@dctest2:~# /usr/local/samba/bin/samba-tool dns query dc2 klingons.gvcc.net xy A
>>>> ERROR: Record or zone does not exist.
>>>> root@dctest2:~# host xy.klingons.gvcc.net
>>>> Host xy.klingons.gvcc.net not found: 3(NXDOMAIN)
>>>> root@dctest2:~# /usr/local/samba/bin/samba-tool dns add dc2 klingons.gvcc.net xy A 172.27.10.32
>>>> ERROR(runtime): uncaught exception - (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
>>>>   File "/usr/local/samba/lib/python3.6/site-packages/samba/netcmd/__init__.py", line 186, in _run
>>>>     return self.run(*args, **kwargs)
>>>>   File "/usr/local/samba/lib/python3.6/site-packages/samba/netcmd/dns.py", line 945, in run
>>>>     raise e
>>>>   File "/usr/local/samba/lib/python3.6/site-packages/samba/netcmd/dns.py", line 941, in run
>>>>     0, server, zone, name, add_rec_buf, None)
>>>> root@dctest2:~# /usr/local/samba/bin/samba-tool dns delete dc2 klingons.gvcc.net xy A 172.27.10.32
>>>> Record deleted successfully
>>>> root@dctest2:~#
>
--
Dr. Christian Naumer
Unit Head Bioprocess Development
B.R.A.I.N Aktiengesellschaft
Darmstaedter Str. 34-36, D-64673 Zwingenberg
e-mail cn at brain-biotech.com, homepage www.brain-biotech.com
phone +49-6251-9331-30 / fax +49-6251-9331-11
Registered office: Zwingenberg/Bergstrasse
Court of registration: AG Darmstadt, HRB 24758
Executive Board: Adriaan Moelker (Chairman of the Executive Board),
Manfred Bender, Ludger Roedder
Chairman of the Supervisory Board: Dr. Georg Kellinghusen
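
An added example, not part of the thread or of Samba's own code: a check that compares the records passed to `samba-tool dns add` with what `samba-tool dns query <dc> <zone> <zone> all` returns for each zone, and reports every record that is missing from its intended zone together with the zone it was found in. The sample output is constructed in the format quoted above; `parse_query` and `find_misplaced` are hypothetical helper names.

```python
import re

# Constructed sample: abridged `samba-tool dns query <dc> <zone> <zone> all`
# output in the format quoted in this thread (not a real capture).
SAMPLE = {
    "saturn.mydom.org": """\
  Name=testa5, Records=1, Children=0
    A: 192.168.2.5 (flags=f0, serial=10, ttl=900)
""",
    "jupiter.mydom.org": """\
  Name=testa5, Records=1, Children=0
    A: 192.168.1.5 (flags=f0, serial=10, ttl=900)
  Name=testa6, Records=2, Children=0
    A: 192.168.1.6 (flags=f0, serial=12, ttl=900)
    A: 192.168.2.6 (flags=f0, serial=12, ttl=900)
""",
}

NAME_RE = re.compile(r"^\s*Name=([^,]*),\s*Records=\d+")
REC_RE = re.compile(r"^\s*([A-Z]+):\s+(\S+)\s+\(flags=")  # skips multi-field SOA lines

def parse_query(text):
    """Return {(name, rtype, data)} parsed from one zone's query output."""
    records, name = set(), None
    for line in text.splitlines():
        if m := NAME_RE.match(line):
            name = m.group(1)
        elif (m := REC_RE.match(line)) and name is not None:
            records.add((name, m.group(1), m.group(2).rstrip(".")))
    return records

def find_misplaced(intended, zone_outputs):
    """intended: [(zone, name, rtype, data)] as given to `samba-tool dns add`.
    Returns [(intended_zone, found_in_zone_or_None, name, rtype, data)]."""
    parsed = {z: parse_query(t) for z, t in zone_outputs.items()}
    findings = []
    for zone, name, rtype, data in intended:
        key = (name, rtype, data.rstrip("."))
        if key in parsed.get(zone, set()):
            continue  # record is where it was meant to go
        elsewhere = sorted(z for z, recs in parsed.items() if z != zone and key in recs)
        findings.append((zone, elsewhere[0] if elsewhere else None, *key))
    return findings

if __name__ == "__main__":
    intended = [("saturn.mydom.org", f"testa{i}", "A", f"192.168.2.{i}") for i in (5, 6)]
    for finding in find_misplaced(intended, SAMPLE):
        print("misplaced:", finding)
```

A finding whose second field is `None` means the record was not found in any queried zone, which corresponds to the "Record added successfully" followed by "Record or zone does not exist" symptom in the oldest message.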