[Samba] Stray DC A record in DNS
martin f krafft
madduck at madduck.net
Thu Nov 27 11:59:01 UTC 2025
Hello,
We had a small configuration glitch, it seems, and for a few seconds the
same Samba Domain Controller was online with two different IPs:
192.168.231.34 and .35.
Since then, bind9 answers for `dc01.samba-ad.example.org` with both IPs,
and this is causing problems in various parts of our infrastructure:
```
# dig @127.0.0.1 dc01.samba-ad.toni.immo +short
192.168.231.34
192.168.231.35
```
The thing is: we **cannot** figure out where it gets that .35 from.
We've removed it:
```
# samba-tool dns delete 127.0.0.1 samba-ad.toni.immo dc01 A 192.168.231.35 -U Administrator
Record deleted successfully
# samba-tool dns query 127.0.0.1 samba-ad.toni.immo @ ALL -U Administrator | grep 192.168.231.35 || echo not present anymore
not present anymore
```
but `dig` still returns it.
```
# for i in /var/lib/samba/**/*.ldb; do ldbsearch -H $i | grep 192.168.231.35 && echo $i; done
(no output)
```
We've tried `rndc flushname` and `rndc flushtree`, restarting bind9,
even the whole machine. We've stopped bind9 and removed the lines from
/var/cache/bind/named_dump.db and restarted the nameserver.
We cannot find it in the LDB files:
```
# grep -R "192.168.231.35" /etc/bind /var/lib/bind /var/cache/bind || echo no matches
no matches
```
I am at my wits' end. This is voodoo magic. Where does the system persist
this IP? Do you have any ideas where else to look?
Any help appreciated!
Thank you,
--
martin krafft | https://matrix.to/#/#madduck:madduck.net
who's general failure, and why's he reading my disk?