On 12/22/2012 05:44 AM, Andrew Bartlett wrote:
> On Tue, 2012-12-18 at 11:58 -0500, Michael B. Trausch wrote:
>> Hello all,
>>
>> I'd like to have redundant DNS in our setup.  But it seems that Samba 4
>> does not yet support AXFR with its internal DNS server.  Alright, that's
>> fine, so I figured I'd configure the system such that at the very least,
>> a caching nameserver was sitting in front of it.  However, that doesn't
>> work; the caching nameserver (BIND 9) returns SERVFAIL, apparently
>> because Samba 4 isn't setting the authoritative bit on its DNS responses.
>
> That's odd.  Please file a bug, so Kai can look into it.

Well, I finally got it working, after an update.  Yay.  :)

I still don't have the ability for AXFR, though, it seems. Is that supported, or in-the-works?

>> Is this a known issue, a configuration error on my part, or something
>> entirely different altogether?
>
> You could run another Samba DC to get the redundant DNS.

I _could_... but I'm not there yet, and Samba seems to drop queries a fair bit on a lightly-loaded (about 1 QPS) network; what I mean there is that we've observed failure-to-resolve several times a day. This seems to have gone away now that we've turned off the forwarding option, and are using BIND "in front" of Samba 4 as a caching/forwarding nameserver. I'll know more as the week goes by.

> Another option is to run the bind9 server and the dlz plugin.

I'd opted to not set this domain up that way because I figured it'd be easier to manage if Samba handled the domain itself. We could switch to BIND for the server, but I have three questions there:

1.  Can we switch from Samba 4 -> BIND without reprovisioning?

2.  Is there any loss of client-side functionality (e.g., the Microsoft
    DNS tool)?

3.  Are there any other downsides to using BIND over the internal Samba4
    DNS?

        --- Mike

