[Samba] once again reverse DNS - bind_dlz
L.P.H. van Belle
belle at bazuin.nl
Tue May 18 08:00:57 UTC 2021
AND.. Before i forget, does the ipv6 reverse zone exist?
If you need a private IPv6 number.
Have a look at this.
wget https://sunknudsen.com/static/media/privacy-guides/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py
python3 ulagen.py | grep "First subnet" | awk '{print "IPV6_ULA="$3}'
(ULA= see https://en.wikipedia.org/wiki/Unique_local_address )
(original source of that script : https://gist.github.com/andrewlkho/31341da4f5953b8d977aab368e6280a8 )
Can be handy.
Last, if you running on debian buster,
minimal-responses yes; << add this in named.conf.options in the defaults.
(see also : https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server )
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Jan
> JMPBL via samba
> Verzonden: maandag 17 mei 2021 23:19
> Aan: Rowland penny
> CC: sambalist
> Onderwerp: Re: [Samba] once again reverse DNS - bind_dlz
>
> Hi,
> thank you,
> all changed as you suggested.
>
> still the reverse zone does not update automatically.
> doesn't recognize names. e.g. rsat.test.lan
>
> root @ ad: ~ # host 10.10.10.160
> Host 160.10.10.10.in-addr.arpa. not found: 3 (NXDOMAIN)
>
> from windows
> C: \ Users \ administrator.TEST.001> nslookup 10/10/10.50
> Server: UnKnown
> Address: 10.10.10.50
>
> *** UnKnown can't find 10.10.10.50: Non-existent domain
>
> do you have any more ideas?
>
> Thanks,
>
> Jan
>
> pon., 17 maj 2021 o 22:27 Rowland penny via samba
> <samba at lists.samba.org>
> napisa??(a):
>
> > On 17/05/2021 20:50, Jan JMPBL wrote:
> > > Hi,
> > > debug result below:
> > >
> >
> > Not much wrong, just a couple of dns problems, one that is
> your major
> > problem.
> >
> > Change your /etc/resolv.conf to this:
> >
> > nameserver 10.10.10.50
> > search test.lan
> >
> > Then change /etc/bind/named.conf.options to match this:
> >
> > options {
> > directory "/var/cache/bind";
> >
> > recursion yes;
> > allow-query { any; };
> >
> > forwarders { 8.8.8.8; 8.8.4.4; };
> >
> > dnssec-enable no;
> > dnssec-validation no;
> >
> > listen-on-v6 { none; };
> > notify no;
> > auth-nxdomain yes;
> > empty-zones-enable no;
> > // DNS dynamic updates via Kerberos
> > /var/lib/samba/bind-dns/dns.keytab;
> > tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
> > };
> >
> > You should also install the libkrb5-26-heimdal package
> >
> > Rowland
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list