[Samba] Dual controllers with bind DLZ - DNS change propagation
Michal Bruncko
michal.bruncko at ssrk.sk
Fri Oct 30 11:45:36 UTC 2020
hello
our AD domain is hosted by two samba AD domain controllers version 4.12.6
- replication between controllers is fine, no problems.
- no schema errors.
- no database errors, all fine.
we use these samba DCs with bind with the DLZ backend
(bind-9.11.13-6.el8_2.1.x86_64) to manage internal DNS zones. the bind/DLZ
setup is deployed in exactly the same way on both DC1 and DC2 (mostly
following the samba wiki during deployment).
we manage this DNS using RSAT tools on a Windows machine.
if I create a RR record ("A" for example) in one of DNS zones (on DC1
using RSAT), then I can confirm that this change is almost immediately
propagated to DC2, using both:
- LDAP editor connected to DC2
- RSAT DNS manager connected to DC2
this change is immediately reflected by bind on DC1 and I am able to
resolve name based on what I've created.
the problem is with bind on DC2 - it still returns NXDOMAIN for this
change.
in the end the RR records seem to become resolvable, but it takes quite
some time (hours?)...
doing "rndc flush" or "rndc refresh" will not help at all...
am I missing something in this setup? why is it not reflected by bind in
the same way as on DC1?
thank you
michal