[Samba] New DNS-Records not available
L.P.H. van Belle
belle at bazuin.nl
Mon Feb 10 15:44:18 UTC 2020
Hai Christian,
> Can someone reproduce this?
No, tried, but sorry, works fine for me on my 4.11.6 server.
And what if you try it like this?
samba-tool dns add dc1.zone1.domain.de 0.168.192.in-addr.arpa 157 PTR zone1.domain.de -U Administrator
samba-tool dns add dc1.zone1.domain.de 1.168.192.in-addr.arpa 157 PTR zone2.domain.de -U Administrator
I tested on my production where I have 6 forward/reverse zones in use.
Is the hostname "dc1" also in other zones?
Yes, use FQDN as I showed and test it.
No, we need to investigate more most probably.
Greetz,
Louis
> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> Christian Naumer via samba
> Sent: Monday, 10 February 2020 16:17
> To: samba at lists.samba.org
> Subject: Re: [Samba] New DNS-Records not available
>
> After some more digging it looks like this:
>
> I will try to explain.
>
> I have two reverse zones:
>
> 0.168.192.in-addr.arpa
> 2.168.192.in-addr.arpa
>
> I create a new entry with
>
> samba-tool dns add dc1 0.168.192.in-addr.arpa 157 PTR xxxxxx.domain.de
>
> This works only if 157.2.168.192.in-addr.arpa (pointing to any other
> host) does not exist. If it does the entry is created again.
>
> 157.2.168.192.in-addr.arpa pointing to xxxxxx.
>
> If there is no entry in the 2.168.192.in-addr.arpa zone then the entry
> is correctly created in the 0.168.192.in-addr.arpa zone.
>
> Can someone reproduce this?
>
>
>
>
> On 10.02.20 at 11:13, Christian Naumer via samba wrote:
> > Funny you should post this now. I was just cleaning up some DNS records
> > and the following happened.
> > I had two PTR records with an empty timestamp. I deleted them and wanted
> > to recreate them.
> > My reverse Zones are
> >
> > 0.168.192.in-addr.arpa
> >
> > and
> >
> > 2.168.192.in-addr.arpa
> >
> >
> > both of the records I deleted were in the "0" zone.
> >
> > The first I recreated with:
> >
> > samba-tool dns add dc1 0.168.192.in-addr.arpa 212 PTR drac.domain.de
> >
> > works as expected
> >
> > samba-tool dns add dc1 0.168.192.in-addr.arpa 80 PTR device.domain.de
> >
> > And this gets created in the "2" zone.
> >
> > If I try the same command again it says entry exists. So it really thinks
> > it is creating in the right zone.
> >
> > I tried using the Windows DNS tool and it created the entry in the same
> > wrong zone!
> >
> > Weird!
> >
> > I got it to create the right record by expunging all tombstones on all DCs.
> >
> > I don't know if this is related but it sounds similar.
> >
> > Regards
> >
> >
> > Christian
> >
> >
> >
> > On 10.02.20 at 10:44, Heinz Hölzl via samba wrote:
> >> hi again.
> >>
> >> after some tests (on my operational domain and on a new test domain) I
> >> detected this behavior:
> >>
> >>
> >>
> >> on samba 4.11.6 sometimes the new DNS records end up in a wrong DNS
> >> zone.
> >>
> >> the problem occurs if more than 5 records are created with the same
> >> name in more than one domain zone
> >>
> >> for example:
> >> testa1.jupiter.mydom.org
> >> testa2.jupiter.mydom.org
> >> testa3.jupiter.mydom.org
> >> testa4.jupiter.mydom.org
> >> testa5.jupiter.mydom.org
> >> testa6.jupiter.mydom.org
> >> testa7.jupiter.mydom.org
> >> ...
> >> testa1.saturn.mydom.org
> >> testa2.saturn.mydom.org
> >> testa3.saturn.mydom.org
> >> testa4.saturn.mydom.org
> >> testa5.saturn.mydom.org
> >> testa6.saturn.mydom.org
> >> testa7.saturn.mydom.org
> >> ...
> >>
> >>
> >>
> >> can anyone confirm this ?
> >>
> >>
> >>
> >> To reproduce:
> >> 1. create a new domain zone (jupiter.mydom.org) and create 10 A records
> >> (testa1-testa10 -> 192.168.1.1-192.168.1.10 )
> >> and 10 CNAME (testc1-testc10 -> testa1-testa10) in the new zone
> >>
> >>
> >> samba-tool dns zonecreate dc2 jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa1 A 192.168.1.1
> >> samba-tool dns add dc2 jupiter.mydom.org testc1 CNAME testa1.jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa2 A 192.168.1.2
> >> samba-tool dns add dc2 jupiter.mydom.org testc2 CNAME testa2.jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa3 A 192.168.1.3
> >> samba-tool dns add dc2 jupiter.mydom.org testc3 CNAME testa3.jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa4 A 192.168.1.4
> >> samba-tool dns add dc2 jupiter.mydom.org testc4 CNAME testa4.jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa5 A 192.168.1.5
> >> samba-tool dns add dc2 jupiter.mydom.org testc5 CNAME testa5.jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa6 A 192.168.1.6
> >> samba-tool dns add dc2 jupiter.mydom.org testc6 CNAME testa6.jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa7 A 192.168.1.7
> >> samba-tool dns add dc2 jupiter.mydom.org testc7 CNAME testa7.jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa8 A 192.168.1.8
> >> samba-tool dns add dc2 jupiter.mydom.org testc8 CNAME testa8.jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa9 A 192.168.1.9
> >> samba-tool dns add dc2 jupiter.mydom.org testc9 CNAME testa9.jupiter.mydom.org
> >> samba-tool dns add dc2 jupiter.mydom.org testa10 A 192.168.1.10
> >> samba-tool dns add dc2 jupiter.mydom.org testc10 CNAME testa10.jupiter.mydom.org
> >>
> >>
> >> The result until here is as expected:
> >>
> >> samba-tool dns query dc2 jupiter.mydom.org jupiter.mydom.org all
> >> Name=, Records=2, Children=0
> >> SOA: serial=21, refresh=900, retry=600, expire=86400, minttl=3600, ns=dc2.mydom.org., email=hostmaster.mydom.org. (flags=600000f0, serial=21, ttl=3600)
> >> NS: dc2.mydom.org. (flags=600000f0, serial=1, ttl=3600)
> >> Name=testa1, Records=1, Children=0
> >> A: 192.168.1.1 (flags=f0, serial=2, ttl=900)
> >> Name=testa10, Records=1, Children=0
> >> A: 192.168.1.10 (flags=f0, serial=20, ttl=900)
> >> Name=testa2, Records=1, Children=0
> >> A: 192.168.1.2 (flags=f0, serial=4, ttl=900)
> >> Name=testa3, Records=1, Children=0
> >> A: 192.168.1.3 (flags=f0, serial=6, ttl=900)
> >> Name=testa4, Records=1, Children=0
> >> A: 192.168.1.4 (flags=f0, serial=8, ttl=900)
> >> Name=testa5, Records=1, Children=0
> >> A: 192.168.1.5 (flags=f0, serial=10, ttl=900)
> >> Name=testa6, Records=1, Children=0
> >> A: 192.168.1.6 (flags=f0, serial=12, ttl=900)
> >> Name=testa7, Records=1, Children=0
> >> A: 192.168.1.7 (flags=f0, serial=14, ttl=900)
> >> Name=testa8, Records=1, Children=0
> >> A: 192.168.1.8 (flags=f0, serial=16, ttl=900)
> >> Name=testa9, Records=1, Children=0
> >> A: 192.168.1.9 (flags=f0, serial=18, ttl=900)
> >> Name=testc1, Records=1, Children=0
> >> CNAME: testa1.jupiter.mydom.org. (flags=f0, serial=3, ttl=900)
> >> Name=testc10, Records=1, Children=0
> >> CNAME: testa10.jupiter.mydom.org. (flags=f0, serial=21, ttl=900)
> >> Name=testc2, Records=1, Children=0
> >> CNAME: testa2.jupiter.mydom.org. (flags=f0, serial=5, ttl=900)
> >> Name=testc3, Records=1, Children=0
> >> CNAME: testa3.jupiter.mydom.org. (flags=f0, serial=7, ttl=900)
> >> Name=testc4, Records=1, Children=0
> >> CNAME: testa4.jupiter.mydom.org. (flags=f0, serial=9, ttl=900)
> >> Name=testc5, Records=1, Children=0
> >> CNAME: testa5.jupiter.mydom.org. (flags=f0, serial=11, ttl=900)
> >> Name=testc6, Records=1, Children=0
> >> CNAME: testa6.jupiter.mydom.org. (flags=f0, serial=13, ttl=900)
> >> Name=testc7, Records=1, Children=0
> >> CNAME: testa7.jupiter.mydom.org. (flags=f0, serial=15, ttl=900)
> >> Name=testc8, Records=1, Children=0
> >> CNAME: testa8.jupiter.mydom.org. (flags=f0, serial=17, ttl=900)
> >> Name=testc9, Records=1, Children=0
> >> CNAME: testa9.jupiter.mydom.org. (flags=f0, serial=19, ttl=900)
> >>
> >>
> >>
> >>
> >> 2. create another domain zone (saturn.mydom.org) and create the same 10
> >> A records (testa1-testa10 -> 192.168.2.1-192.168.2.10)
> >> and the same 10 CNAME (testc1-testc10 -> testa1-testa10) in the
> >> second zone
> >>
> >> now, the first 5 A and the first 5 CNAME go to the second zone
> >> (saturn.mydom.org), but the rest is located in the wrong zone
> >> (jupiter.mydom.org)
> >>
> >> samba-tool dns zonecreate dc2 saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa1 A 192.168.2.1
> >> samba-tool dns add dc2 saturn.mydom.org testc1 CNAME testa1.saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa2 A 192.168.2.2
> >> samba-tool dns add dc2 saturn.mydom.org testc2 CNAME testa2.saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa3 A 192.168.2.3
> >> samba-tool dns add dc2 saturn.mydom.org testc3 CNAME testa3.saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa4 A 192.168.2.4
> >> samba-tool dns add dc2 saturn.mydom.org testc4 CNAME testa4.saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa5 A 192.168.2.5
> >> samba-tool dns add dc2 saturn.mydom.org testc5 CNAME testa5.saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa6 A 192.168.2.6
> >> samba-tool dns add dc2 saturn.mydom.org testc6 CNAME testa6.saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa7 A 192.168.2.7
> >> samba-tool dns add dc2 saturn.mydom.org testc7 CNAME testa7.saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa8 A 192.168.2.8
> >> samba-tool dns add dc2 saturn.mydom.org testc8 CNAME testa8.saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa9 A 192.168.2.9
> >> samba-tool dns add dc2 saturn.mydom.org testc9 CNAME testa9.saturn.mydom.org
> >> samba-tool dns add dc2 saturn.mydom.org testa10 A 192.168.2.10
> >> samba-tool dns add dc2 saturn.mydom.org testc10 CNAME testa10.saturn.mydom.org
> >>
> >>
> >> Now the new result is:
> >>
> >> samba-tool dns query dc2 saturn.mydom.org saturn.mydom.org all
> >> Name=, Records=2, Children=0
> >> SOA: serial=21, refresh=900, retry=600, expire=86400, minttl=3600, ns=dc2.mydom.org., email=hostmaster.mydom.org. (flags=600000f0, serial=21, ttl=3600)
> >> NS: dc2.mydom.org. (flags=600000f0, serial=1, ttl=3600)
> >> Name=testa1, Records=1, Children=0
> >> A: 192.168.2.1 (flags=f0, serial=2, ttl=900)
> >> Name=testa2, Records=1, Children=0
> >> A: 192.168.2.2 (flags=f0, serial=4, ttl=900)
> >> Name=testa3, Records=1, Children=0
> >> A: 192.168.2.3 (flags=f0, serial=6, ttl=900)
> >> Name=testa4, Records=1, Children=0
> >> A: 192.168.2.4 (flags=f0, serial=8, ttl=900)
> >> Name=testa5, Records=1, Children=0
> >> A: 192.168.2.5 (flags=f0, serial=10, ttl=900)
> >> Name=testc1, Records=1, Children=0
> >> CNAME: testa1.saturn.mydom.org. (flags=f0, serial=3, ttl=900)
> >> Name=testc2, Records=1, Children=0
> >> CNAME: testa2.saturn.mydom.org. (flags=f0, serial=5, ttl=900)
> >> Name=testc3, Records=1, Children=0
> >> CNAME: testa3.saturn.mydom.org. (flags=f0, serial=7, ttl=900)
> >> Name=testc4, Records=1, Children=0
> >> CNAME: testa4.saturn.mydom.org. (flags=f0, serial=9, ttl=900)
> >> Name=testc5, Records=1, Children=0
> >> CNAME: testa5.saturn.mydom.org. (flags=f0, serial=11, ttl=900)
> >>
> >>
> >> samba-tool dns query dc2 jupiter.mydom.org jupiter.mydom.org all
> >> Name=, Records=2, Children=0
> >> SOA: serial=21, refresh=900, retry=600, expire=86400, minttl=3600, ns=dc2.mydom.org., email=hostmaster.mydom.org. (flags=600000f0, serial=21, ttl=3600)
> >> NS: dc2.mydom.org. (flags=600000f0, serial=1, ttl=3600)
> >> Name=testa1, Records=1, Children=0
> >> A: 192.168.1.1 (flags=f0, serial=2, ttl=900)
> >> Name=testa10, Records=2, Children=0
> >> A: 192.168.1.10 (flags=f0, serial=20, ttl=900)
> >> A: 192.168.2.10 (flags=f0, serial=20, ttl=900)
> >> Name=testa2, Records=1, Children=0
> >> A: 192.168.1.2 (flags=f0, serial=4, ttl=900)
> >> Name=testa3, Records=1, Children=0
> >> A: 192.168.1.3 (flags=f0, serial=6, ttl=900)
> >> Name=testa4, Records=1, Children=0
> >> A: 192.168.1.4 (flags=f0, serial=8, ttl=900)
> >> Name=testa5, Records=1, Children=0
> >> A: 192.168.1.5 (flags=f0, serial=10, ttl=900)
> >> Name=testa6, Records=2, Children=0
> >> A: 192.168.1.6 (flags=f0, serial=12, ttl=900)
> >> A: 192.168.2.6 (flags=f0, serial=12, ttl=900)
> >> Name=testa7, Records=2, Children=0
> >> A: 192.168.1.7 (flags=f0, serial=14, ttl=900)
> >> A: 192.168.2.7 (flags=f0, serial=14, ttl=900)
> >> Name=testa8, Records=2, Children=0
> >> A: 192.168.1.8 (flags=f0, serial=16, ttl=900)
> >> A: 192.168.2.8 (flags=f0, serial=16, ttl=900)
> >> Name=testa9, Records=2, Children=0
> >> A: 192.168.1.9 (flags=f0, serial=18, ttl=900)
> >> A: 192.168.2.9 (flags=f0, serial=18, ttl=900)
> >> Name=testc1, Records=1, Children=0
> >> CNAME: testa1.jupiter.mydom.org. (flags=f0, serial=3, ttl=900)
> >> Name=testc10, Records=2, Children=0
> >> CNAME: testa10.jupiter.mydom.org. (flags=f0, serial=21, ttl=900)
> >> CNAME: testa10.saturn.mydom.org. (flags=f0, serial=21, ttl=900)
> >> Name=testc2, Records=1, Children=0
> >> CNAME: testa2.jupiter.mydom.org. (flags=f0, serial=5, ttl=900)
> >> Name=testc3, Records=1, Children=0
> >> CNAME: testa3.jupiter.mydom.org. (flags=f0, serial=7, ttl=900)
> >> Name=testc4, Records=1, Children=0
> >> CNAME: testa4.jupiter.mydom.org. (flags=f0, serial=9, ttl=900)
> >> Name=testc5, Records=1, Children=0
> >> CNAME: testa5.jupiter.mydom.org. (flags=f0, serial=11, ttl=900)
> >> Name=testc6, Records=2, Children=0
> >> CNAME: testa6.jupiter.mydom.org. (flags=f0, serial=13, ttl=900)
> >> CNAME: testa6.saturn.mydom.org. (flags=f0, serial=13, ttl=900)
> >> Name=testc7, Records=2, Children=0
> >> CNAME: testa7.jupiter.mydom.org. (flags=f0, serial=15, ttl=900)
> >> CNAME: testa7.saturn.mydom.org. (flags=f0, serial=15, ttl=900)
> >> Name=testc8, Records=2, Children=0
> >> CNAME: testa8.jupiter.mydom.org. (flags=f0, serial=17, ttl=900)
> >> CNAME: testa8.saturn.mydom.org. (flags=f0, serial=17, ttl=900)
> >> Name=testc9, Records=2, Children=0
> >> CNAME: testa9.jupiter.mydom.org. (flags=f0, serial=19, ttl=900)
> >> CNAME: testa9.saturn.mydom.org. (flags=f0, serial=19, ttl=900)
> >>
> >>
> >> Regards,
> >> Heinz
> >>
> >>
> >>
> >> On Thursday, 23.01.2020, 09:22 +0000, Heinz Hölzl via samba wrote:
> >>> Hi,
> >>>
> >>> after a downgrade to samba 4.10 everything works fine.
> >>>
> >>> How should I proceed now?
> >>>
> >>> Regards,
> >>> Heinz
> >>>
> >>> On Tuesday, 21.01.2020, 15:48 +0000, Heinz Hölzl via samba wrote:
> >>>> Hi list,
> >>>>
> >>>> after the upgrade to samba 4.11.4 I have a problem with newly added DNS
> >>>> records.
> >>>> If I add a new DNS record, "samba-tool dns add" returns
> >>>> "Record added successfully" but the new record is not available:
> >>>>
> >>>> "samba-tool dns query" returns "ERROR: Record or zone does not exist."
> >>>>
> >>>> "nslookup" or "host" returns nothing regarding the added record.
> >>>>
> >>>> if I retry to reinsert the new record, I get a
> >>>> WERR_DNS_ERROR_RECORD_ALREADY_EXISTS
> >>>>
> >>>>
> >>>> I have 4 domain controllers, 2 DCs are working with SAMBA_INTERNAL-DNS
> >>>> and 2 DCs are working with BIND9_DLZ.
> >>>>
> >>>> I tried also to rejoin a DC ... same issue.
> >>>>
> >>>>
> >>>> Thanks!
> >>>>
> >>>> Regards,
> >>>> Heinz
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> root@dctest2:~# /usr/local/samba/bin/samba-tool dns add dc2 klingons.gvcc.net xy A 172.27.10.32
> >>>> Record added successfully
> >>>> root@dctest2:~# /usr/local/samba/bin/samba-tool dns query dc2 klingons.gvcc.net xy A
> >>>> ERROR: Record or zone does not exist.
> >>>> root@dctest2:~# host xy.klingons.gvcc.net
> >>>> Host xy.klingons.gvcc.net not found: 3(NXDOMAIN)
> >>>> root@dctest2:~# /usr/local/samba/bin/samba-tool dns add dc2 klingons.gvcc.net xy A 172.27.10.32
> >>>> ERROR(runtime): uncaught exception - (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
> >>>>   File "/usr/local/samba/lib/python3.6/site-packages/samba/netcmd/__init__.py", line 186, in _run
> >>>>     return self.run(*args, **kwargs)
> >>>>   File "/usr/local/samba/lib/python3.6/site-packages/samba/netcmd/dns.py", line 945, in run
> >>>>     raise e
> >>>>   File "/usr/local/samba/lib/python3.6/site-packages/samba/netcmd/dns.py", line 941, in run
> >>>>     0, server, zone, name, add_rec_buf, None)
> >>>> root@dctest2:~# /usr/local/samba/bin/samba-tool dns delete dc2 klingons.gvcc.net xy A 172.27.10.32
> >>>> Record deleted successfully
> >>>> root@dctest2:~#
> >
>
> --
> Dr. Christian Naumer
> Unit Head Bioprocess Development
> B.R.A.I.N Aktiengesellschaft
> Darmstaedter Str. 34-36, D-64673 Zwingenberg
> e-mail cn at brain-biotech.com, homepage www.brain-biotech.com
> fon +49-6251-9331-30 / fax +49-6251-9331-11
>
> Registered office: Zwingenberg/Bergstrasse
> Commercial register: AG Darmstadt, HRB 24758
> Management board: Adriaan Moelker (Chairman),
> Manfred Bender, Ludger Roedder
> Chairman of the supervisory board: Dr. Georg Kellinghusen
>
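
A check for the symptom reported in this thread, added here as an example and not taken from any poster or from Samba: it parses `samba-tool dns query <dc> <zone> <zone> all` listings and reports records missing from the zone they were added to and records that turned up in another zone. The listings are constructed from the output quoted above, and `parse_query`, `intended`, `audit`, `WANT` and `SEEN` are hypothetical names.

```python
import re

# Constructed sample shaped like the query output quoted in this thread (hosts 5 and 6 only).
JUPITER = """\
Name=testa5, Records=1, Children=0
A: 192.168.1.5 (flags=f0, serial=10, ttl=900)
Name=testa6, Records=2, Children=0
A: 192.168.1.6 (flags=f0, serial=12, ttl=900)
A: 192.168.2.6 (flags=f0, serial=12, ttl=900)
Name=testc5, Records=1, Children=0
CNAME: testa5.jupiter.mydom.org. (flags=f0, serial=11, ttl=900)
Name=testc6, Records=2, Children=0
CNAME: testa6.jupiter.mydom.org. (flags=f0, serial=13, ttl=900)
CNAME: testa6.saturn.mydom.org. (flags=f0, serial=13, ttl=900)
"""
SATURN = """\
Name=testa5, Records=1, Children=0
A: 192.168.2.5 (flags=f0, serial=10, ttl=900)
Name=testc5, Records=1, Children=0
CNAME: testa5.saturn.mydom.org. (flags=f0, serial=11, ttl=900)
"""
NAME_RE = re.compile(r"^\s*Name=([^,]*),")
REC_RE = re.compile(r"^\s*([A-Z]+):\s+(\S+)\s+\(")  # does not match the SOA line

def parse_query(text):
    """Return the set of (name, type, data) tuples in one zone listing."""
    records, name = set(), None
    for line in text.splitlines():
        if m := NAME_RE.match(line):
            name = m.group(1)
        elif (m := REC_RE.match(line)) and name is not None:
            records.add((name, m.group(1), m.group(2).rstrip(".")))
    return records

def intended(zone, net, hosts):  # hypothetical helper: what the repro adds to one zone
    return {r for i in hosts for r in ((f"testa{i}", "A", f"{net}.{i}"),
                                       (f"testc{i}", "CNAME", f"testa{i}.{zone}"))}

def audit(want, seen):
    """Return (missing, misplaced) for two {zone: records} dicts."""
    missing = [(z, r) for z, recs in want.items()
               for r in sorted(recs - seen.get(z, set()))]
    misplaced = [(z, r, home) for z, recs in seen.items()
                 for r in sorted(recs - want.get(z, set()))
                 for home, w in want.items() if r in w]
    return missing, misplaced

J, S = "jupiter.mydom.org", "saturn.mydom.org"
WANT = {J: intended(J, "192.168.1", [5, 6]), S: intended(S, "192.168.2", [5, 6])}
SEEN = {J: parse_query(JUPITER), S: parse_query(SATURN)}
```

`audit(WANT, SEEN)` returns the two lists; each `misplaced` entry names the zone the record was found in, the record, and the zone it was meant for.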