[Samba] help again with dns and samba 4 ad

Nick Howitt nick at howitts.co.uk
Wed Sep 2 15:35:43 UTC 2020

On 02/09/2020 16:28, Rowland penny via samba wrote:
> On 02/09/2020 16:15, jmpatagonia via samba wrote:
>> That mean for example if my domain resolve
>>                  xxxxx.testing.mydomain.com
>> the dnsmasq should NOT resolv  xxxxxx.mydomain.com this is in 
>> ascending way
>> ?
>> Another way to expose:
>> We set dnsmasq+dhcp to set clients that the only DNS server is samba 
>> DC on
>> the domain name mysubdomain.mydomain.com
>> DC for example resolv  server1.mysubdomain.mydomain.com right, now if a
>> client as for a ddddd.mydomain.com DC response or ask to dnamasq fot that
>> or produce a horrible loop that you mentioned?
>> Regards
> OK, if your dnsmasq server is in the 'mydomain.com' dns domain, and your 
> DC was in the 'ad.mydomain.com', this would be okay. This would 
> allow your domain clients (winpc.ad.mydomain.com, for instance) to ask 
> the DC for the dns data for 'another-winpc.ad.mydomain.com' and the DC 
> would reply with the data. However, if 'winpc' asked for the data for 
> 'yetanother-winpc.mydomain.com', then the DC should realise 'I do not 
> know this' and ask the dnsmasq server.
> Rowland
In your case the lookup for yetanother-winpc.mydomain.com shouldn't even 
hit the DC as dnsmasq will handle it directly as all lookups go via it. 
The problem comes if the DC ever needs dnsmasq to return any lookups. 
This will risk a loop as in the other part of the thread.
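
The forwarding paths described in this thread can be traced with a small model. This is an added example, not part of the original message; the server names "dnsmasq" and "dc" and both topologies (including the looping one, where dnsmasq hands the whole parent domain to the DC) are constructed assumptions built on the thread's example domain names.

```python
LOCAL, UPSTREAM = "LOCAL", "UPSTREAM"  # answer here / hand to an outside resolver


def pick_rule(rules, qname):
    """Return the action for the longest domain suffix matching qname ('' = default)."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in rules:
            return rules[suffix]
    return rules[""]


def trace(servers, start, qname):
    """Follow a query hop by hop; return (path, outcome)."""
    path, current = [], start
    while True:
        if current in path:  # a server seen twice means the query can never resolve
            return path + [current], "loop"
        path.append(current)
        action = pick_rule(servers[current], qname)
        if action == LOCAL:
            return path, "answered"
        if action == UPSTREAM:
            return path, "upstream"
        current = action  # forwarded to another server in the model


# Constructed: dnsmasq owns the parent domain and delegates only the AD zone.
SPLIT = {
    "dnsmasq": {"mydomain.com": LOCAL, "ad.mydomain.com": "dc", "": UPSTREAM},
    "dc": {"ad.mydomain.com": LOCAL, "": "dnsmasq"},
}
# Constructed misconfiguration: dnsmasq sends all of mydomain.com to the DC,
# while the DC still forwards everything outside its AD zone back to dnsmasq.
LOOPING = {
    "dnsmasq": {"mydomain.com": "dc", "": UPSTREAM},
    "dc": {"ad.mydomain.com": LOCAL, "": "dnsmasq"},
}

if __name__ == "__main__":
    queries = ("another-winpc.ad.mydomain.com", "yetanother-winpc.mydomain.com")
    for label, topo in (("split", SPLIT), ("looping", LOOPING)):
        for q in queries:
            print(label, q, *trace(topo, "dnsmasq", q))
```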
