[Samba] Failover DC did not work when Main DC failed

Rowland penny rpenny at samba.org
Thu Feb 13 15:17:46 UTC 2020 

On 13/02/2020 13:11, Paul Littlefield wrote:
> On 12/02/2020 13:08, Rowland penny via samba wrote:
>> The first is that a DC must use itself as its nameserver and if 
>> something goes wrong e.g. Samba has fallen over, then there isn't 
>> much point having another nameserver, Samba isn't going to use it
>>
>> The second is, it will not hurt having a second nameserver on a DC, 
>> just as long you understand that Samba will not use the second 
>> nameserver if Samba has fallen over, but the computer will.
>
>
> Hello Rowland,
>
> Thanks for your reply.
>
> Interesting points.
>
> So, in a normal situation...
>
> * WINDOWS CLIENT --> DNS --> DC3 --> YES
> * WINDOWS CLIENT --> DOMAIN LOGON --> DC3 --> YES
> * WINDOWS CLIENT --> FILES --> QNAP --> DC3 --> YES
>
> ...happy days.
>
> Then, the Proxmox VM backup at 3am has a funny turn and DC3 does not 
> start (which is exactly what happened).
>
> So, in our failover situation, this is happening...
>
> * WINDOWS CLIENT --> DNS --> DC3 --> NO --> DC4 --> YES
> * WINDOWS CLIENT --> DOMAIN LOGON --> DC3 --> NO --> DC4 --> NO
> * WINDOWS CLIENT --> FILES --> QNAP --> DC3 --> NO --> DC4 --> NO
>
> ...unhappy days.
>
> The 2 DCs appear to be in sync, replicating, copying the SysVol, and 
> both answering various types of query.
>
> I am going in to the office this Sunday to test this until I find a 
> solution.
>
> Any extra neat Linux or Windows commands to run and test (over and 
> above the Wiki pages) would be appreciated.
>
> Any other tips or suggestions (other than what's been suggested 
> already!) is appreciated.
>
> I have opened a support ticket with QNAP and have dived under the hood 
> of their smb.conf to see what's not working.
>
> Fingers crossed for Sunday.
>
> Thanks,
>
> :-)
>
> Paully

Clients are different, they can and should use all DCs as nameservers 
and the failover should happen on the client, if one DC isn't available, 
try another.

The various ways have already been mentioned, but are all your DCs 
listed as nameservers (NS) in the SOA's for the forward and reverse zones ?

Rowland

More information about the samba mailing list