[Samba] DCs in multiple VLANs
Stefan G. Weichinger
lists at xunil.at
Wed Jan 18 15:45:14 UTC 2023
I have 2 DCs at a customer that also run ISC-Kea-DHCP servers.
To be able to provide DHCP-Leases I added virtual interfaces to the
servers with IPs in each VLAN.
In turn there also exist routes to the VLANs:
# ip r
default via 10.0.0.254 dev enp0s31f6 onlink
10.0.0.0/24 dev enp0s31f6 proto kernel scope link src 10.0.0.230
10.100.40.0/24 dev enp0s31f6.200 proto kernel scope link src 10.100.40.230
192.168.101.0/24 dev enp0s31f6.101 proto kernel scope link src 192.168.101.230
192.168.102.0/24 dev enp0s31f6.102 proto kernel scope link src 192.168.102.230
192.168.103.0/24 dev enp0s31f6.103 proto kernel scope link src 192.168.103.230
In smb.conf I did this:
bind interfaces only = yes
interfaces = lo enp0s31f6
to only run the DC in the LAN network.
Otherwise there were 4 or 5 DNS-entries created for the hostname of the
DC, which seemed problematic to me. Maybe it is not?
What if a client in LAN gets a DNS reply with an IP in the VLANs? Timeouts?
-
To reply to DHCP-clients in the VLANs I need the specific interfaces +
routes.
But if a client in a VLAN tries to "gpupdate" things fail: asymmetric
routing, the replies don't get to the client.
I am not sure how to solve this.
Allow the DC to run on all interfaces?
And no, we don't have additional hardware to move the DHCP-services to.
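
The asymmetric path described in the post can be enumerated from the quoted routing table and smb.conf values. The following Python is an added example, not part of the original post; it assumes VLAN clients reach the DC's LAN address through a router, and the function names are hypothetical.

```python
import ipaddress

# Constructed from the `ip r` output and smb.conf lines quoted in the post.
ROUTES = """\
default via 10.0.0.254 dev enp0s31f6 onlink
10.0.0.0/24 dev enp0s31f6 proto kernel scope link src 10.0.0.230
10.100.40.0/24 dev enp0s31f6.200 proto kernel scope link src 10.100.40.230
192.168.101.0/24 dev enp0s31f6.101 proto kernel scope link src 192.168.101.230
192.168.102.0/24 dev enp0s31f6.102 proto kernel scope link src 192.168.102.230
192.168.103.0/24 dev enp0s31f6.103 proto kernel scope link src 192.168.103.230
"""
SMB_INTERFACES = "lo enp0s31f6"  # value of `interfaces =` in smb.conf


def parse_connected(routes):
    """Return (network, dev, src_ip) for each directly connected route."""
    out = []
    for line in routes.splitlines():
        f = line.split()
        if not f or f[0] == "default" or "src" not in f:
            continue
        out.append((ipaddress.ip_network(f[0]),
                    f[f.index("dev") + 1],
                    ipaddress.ip_address(f[f.index("src") + 1])))
    return out


def asymmetric_paths(routes, smb_interfaces):
    """Find connected subnets where Samba is not bound: clients there must
    reach a bound address via a router (assumption), but the kernel sends
    the reply straight out of the connected VLAN interface."""
    bound = set(smb_interfaces.split())
    connected = parse_connected(routes)
    service_ips = [src for _, dev, src in connected if dev in bound]
    findings = []
    for net, dev, _ in connected:
        if dev in bound:
            continue  # same interface in both directions, symmetric
        for ip in service_ips:
            findings.append({"client_net": str(net),
                             "service_ip": str(ip),
                             "reply_dev": dev})
    return findings


if __name__ == "__main__":
    for f in asymmetric_paths(ROUTES, SMB_INTERFACES):
        print(f"{f['client_net']} -> {f['service_ip']}: request arrives routed "
              f"on a bound interface, reply leaves via {f['reply_dev']}")
```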