[Samba] once again reverse DNS - bind_dlz

L.P.H. van Belle belle at bazuin.nl
Tue May 18 08:00:57 UTC 2021 

AND.. Before i forget, does the ipv6 reverse zone exist? 

If you need a private IPv6 number. 
Have a look at this. 
wget https://sunknudsen.com/static/media/privacy-guides/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py 

python3 ulagen.py | grep "First subnet" | awk '{print "IPV6_ULA="$3}'

(ULA= see https://en.wikipedia.org/wiki/Unique_local_address ) 

(original source of that script : https://gist.github.com/andrewlkho/31341da4f5953b8d977aab368e6280a8 ) 
Can be handy. 

Last, if you running on debian buster, 

      minimal-responses yes; << add this in named.conf.options in the defaults. 
	(see also : https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server ) 


Greetz, 

Louis



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Jan 
> JMPBL via samba
> Verzonden: maandag 17 mei 2021 23:19
> Aan: Rowland penny
> CC: sambalist
> Onderwerp: Re: [Samba] once again reverse DNS - bind_dlz
> 
> Hi,
> thank you,
> all changed as you suggested.
> 
> still the reverse zone does not update automatically.
> doesn't recognize names. e.g. rsat.test.lan
> 
> root @ ad: ~ # host 10.10.10.160
> Host 160.10.10.10.in-addr.arpa. not found: 3 (NXDOMAIN)
> 
> from windows
> C: \ Users \ administrator.TEST.001> nslookup 10/10/10.50
> Server: UnKnown
> Address: 10.10.10.50
> 
> *** UnKnown can't find 10.10.10.50: Non-existent domain
> 
> do you have any more ideas?
> 
> Thanks,
> 
> Jan
> 
> pon., 17 maj 2021 o 22:27 Rowland penny via samba 
> <samba at lists.samba.org>
> napisa??(a):
> 
> > On 17/05/2021 20:50, Jan JMPBL wrote:
> > > Hi,
> > > debug result below:
> > >
> >
> > Not much wrong, just a couple of dns problems, one that is 
> your major
> > problem.
> >
> > Change your /etc/resolv.conf to this:
> >
> > nameserver 10.10.10.50
> > search test.lan
> >
> > Then change /etc/bind/named.conf.options to match this:
> >
> > options {
> >      directory "/var/cache/bind";
> >
> >          recursion yes;
> >          allow-query { any; };
> >
> >          forwarders { 8.8.8.8; 8.8.4.4; };
> >
> >          dnssec-enable no;
> >          dnssec-validation no;
> >
> >          listen-on-v6 { none; };
> >          notify no;
> >          auth-nxdomain yes;
> >          empty-zones-enable no;
> >          // DNS dynamic updates via Kerberos
> > /var/lib/samba/bind-dns/dns.keytab;
> >          tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
> > };
> >
> > You should also install the libkrb5-26-heimdal package
> >
> > Rowland
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
>

More information about the samba mailing list