[Samba] tons of dns errors in log.samba

Adam Xu adam_xu at adagene.com.cn
Fri Nov 27 00:40:46 UTC 2020


On 2020/11/26 17:59, Rowland penny via samba wrote:
> On 26/11/2020 08:17, Adam Xu via samba wrote:
>> Hi everybody
>>
>> any help?
>>
>> On 2020/11/25 8:50, Adam Xu via samba wrote:
>>> Hi samba devs
>>>
>>> My Samba AD DC has worked for several years. I upgraded it from 4.6
>>> to 4.7 to 4.8 ... and now its version is 4.12.10.
>>>
>>> My OS is CentOS 7 and I use the SerNet Samba repo.
>>>
>>> Yesterday, I saw that my log.samba file was very large. Tons of
>>> errors like:
>>>
>>> [2020/11/25 08:35:09.299194,  1] 
>>> ../../source4/dns_server/dns_query.c:1141(dns_server_process_query_got_auth)
>>>   dns_server_process_query_got_auth: Failed to add SOA record: 
>>> WERR_DNS_ERROR_RCODE_FORMAT_ERROR
>>> [2020/11/25 08:35:09.315638,  1] 
>>> ../../source4/dns_server/dns_query.c:1141(dns_server_process_query_got_auth)
>>>   dns_server_process_query_got_auth: Failed to add SOA record: 
>>> WERR_DNS_ERROR_RCODE_FORMAT_ERROR
>>> [2020/11/25 08:35:09.733265,  1] 
>>> ../../source4/dns_server/dns_query.c:1141(dns_server_process_query_got_auth)
>>>   dns_server_process_query_got_auth: Failed to add SOA record: 
>>> WERR_DNS_ERROR_RCODE_FORMAT_ERROR
>>> [2020/11/25 08:35:09.822746,  1] 
>>> ../../source4/dns_server/dns_query.c:1141(dns_server_process_query_got_auth)
>>>   dns_server_process_query_got_auth: Failed to add SOA record: 
>>> WERR_DNS_ERROR_RCODE_FORMAT_ERROR
>>>
>>> About 3 log entries per second.
>>>
>>> Here's the smb.conf file:
>>>
>>> [global]
>>>     netbios name = DC1
>>>     realm = EXAMPLE.COM
>>>     workgroup = EXAMPLE
>>>     dns forwarder = 119.29.29.29 8.8.4.4
>>>     server role = active directory domain controller
>>>     idmap_ldb:use rfc2307 = yes
>>>     rpc server port = 49152
>>>     rpc server port:netlogon = 49153
>>>     rpc server port:drsuapi = 49154
>>>     log level = 1 auth_json_audit:3@/var/log/samba/auth.log
>>>     ntlm auth = mschapv2-and-ntlmv2-only
>>>
>>> [netlogon]
>>>     path = /var/lib/samba/sysvol/adagene.cn/scripts
>>>     read only = No
>>>
>>> [sysvol]
>>>     path = /var/lib/samba/sysvol
>>>     read only = No
>>>
>>> If I block port 53, the error log stops.
>>>
>>> Although there are tons of DNS errors, my AD works OK now.
>>>
>>> Can anyone tell me what causes so many error logs? Does it matter?
>>>
> It sounds like something is sending a malformed request and your DNS
> server is rejecting it. Have you recently added another DC?

Yes, I added an RODC recently. And I have 2 RW DCs and 1 RODC now.

SOA record is dc1.example.com.

>
> Rowland
>
>
>
-- 
Adam Xu
Phone: 86-512-8777-3585
Adagene (Suzhou) Limited
C14, No. 218, Xinghu Street, Suzhou Industrial Park




