[Samba] Best practice multi-homed AD DC
L.P.H. van Belle
belle at bazuin.nl
Mon May 18 09:45:39 UTC 2020
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Michael Jones via samba
> Verzonden: maandag 18 mei 2020 11:34
> Aan: Rowland penny
> CC: sambalist
> Onderwerp: Re: [Samba] Best practice multi-homed AD DC
>
> On Mon, May 18, 2020 at 2:44 AM Rowland penny via samba <
> samba at lists.samba.org> wrote:
>
> > On 17/05/2020 23:10, Michael Jones wrote:
> > > Why?
> > Amongst others, you may get:
> >
> > Slow / Failed logins
> > Replication issues
> > Group policy access issues
> > login script issues
> >
> > A multi-homed DC (for whatever reason) is a bad idea.
> >
> > Rowland
> >
>
> I appreciate the additional information here, but that doesn't really
> answer my question, as short and unnuanced as it was.
>
> Why does a multi-homed DC lead to those things as a matter of course?
Why, because people configure these things wrong.
>
> What's the underlying issue in Samba that leads to these problems?
None im my optinion.
>
> Why can't Samba workaround the underlying issue to allow multi-homed DCs to function correctly?
It can, if you configure your server correctly.
In the "old way" use iproute and routing tables.
In the new way use systemd-networking and setup per interface.
Per example what i add in a multihomed system
[Address]
Address=192.168.1.1/24
[Address]
Address=192.168.2.1/24
[Route]
Destination=192.168.1.0/24
Gateway=192.168.1.1
[Route]
Destination=192.168.2.0/24
Gateway=192.168.2.1
These above do the same as iproute, but more easy to setup, in my personal opinion.
>
> Is this a fundamental issue of the SMB protocol? Or an > implementation bug
> in other implementations of SMB that Samba can't provide a > workaround for?
People should only not forget to..
Setup A and PTR in all domain/reverse zones.
Greetz,
Louis
More information about the samba
mailing list