Bug 11046 - DNS not working (sometimes)
Summary: DNS not working (sometimes)
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: DNS server (internal) (show other bugs)
Version: 4.1.12
Hardware: All Linux
: P5 normal (vote)
Target Milestone: ---
Assignee: Kai Blin
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-01-12 01:30 UTC by Twan Duis
Modified: 2015-12-14 09:55 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Twan Duis 2015-01-12 01:30:56 UTC 
I have 2 samba4 server running in production (sernet rpms) on centos6.5. On both machines is splitscope dhcp running. On regular basis clients are reporting they cannot find hosts (internal and external).  After troubleshooting (excluding other parts like network, switched, cables and even vmware hardware) i noticed it must be dns resolving. Investigation of dns config the aipServerAddrs got my attention. In DNS management from windows I cannot change the "interfaces" on GACSMB001 to "All IP addresses". 

I was trying to rule samba4 dns out bij installing a win2008 AD controller when i notices the warning that there was only 1 authorised DNS server for the GAC.LAN domain.......?

To rule this out, i have configured only gacsmb002 as the DNS server for clients.  

Hope you can point me to a solution.... Thanks in advance


[root@gacsmb001 ~]# samba-tool dns serverinfo gacsmb001.gac.lan
Password for [administrator@GAC.LAN]:
  dwVersion                   : 0xece0205
  fBootMethod                 : DNS_BOOT_METHOD_DIRECTORY
  fAdminConfigured            : FALSE
  fAllowUpdate                : TRUE
  fDsAvailable                : TRUE
  pszServerName               : GACSMB001.gac.lan
  pszDsContainer              : CN=MicrosoftDNS,DC=DomainDnsZones,DC=gac,DC=lan
  aipServerAddrs              : ['255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)']
  aipListenAddrs              : ['255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)']
  aipForwarders               : []
  dwLogLevel                  : 0
  dwDebugLevel                : 0
  dwForwardTimeout            : 3
  dwRpcPrototol               : 0x5
  dwNameCheckFlag             : DNS_ALLOW_MULTIBYTE_NAMES
  cAddressAnswerLimit         : 0
  dwRecursionRetry            : 3
  dwRecursionTimeout          : 8
  dwMaxCacheTtl               : 86400
  dwDsPollingInterval         : 180
  dwScavengingInterval        : 0
  dwDefaultRefreshInterval    : 168
  dwDefaultNoRefreshInterval  : 168
  fAutoReverseZones           : FALSE
  fAutoCacheUpdate            : FALSE
  fRecurseAfterForwarding     : FALSE
  fForwardDelegations         : TRUE
  fNoRecursion                : FALSE
  fSecureResponses            : FALSE
  fRoundRobin                 : TRUE
  fLocalNetPriority           : FALSE
  fBindSecondaries            : FALSE
  fWriteAuthorityNs           : FALSE
  fStrictFileParsing          : FALSE
  fLooseWildcarding           : FALSE
  fDefaultAgingState          : FALSE
  dwRpcStructureVersion       : 0x2
  aipLogFilter                : []
  pwszLogFilePath             : None
  pszDomainName               : gac.lan
  pszForestName               : gac.lan
  pszDomainDirectoryPartition : DC=DomainDnsZones,DC=gac,DC=lan
  pszForestDirectoryPartition : DC=ForestDnsZones,DC=gac,DC=lan
  dwLocalNetPriorityNetMask   : 0xff
  dwLastScavengeTime          : 0
  dwEventLogLevel             : 4
  dwLogFileMaxSize            : 0
  dwDsForestVersion           : 2
  dwDsDomainVersion           : 2
  dwDsDsaVersion              : 4
  fReadOnlyDC                 : FALSE






[root@gacsmb002 loon]# samba-tool dns serverinfo gacsmb001.gac.lan
Password for [administrator@GAC.LAN]:
  dwVersion                   : 0xece0205
  fBootMethod                 : DNS_BOOT_METHOD_DIRECTORY
  fAdminConfigured            : FALSE
  fAllowUpdate                : TRUE
  fDsAvailable                : TRUE
  pszServerName               : GACSMB001.gac.lan
  pszDsContainer              : CN=MicrosoftDNS,DC=DomainDnsZones,DC=gac,DC=lan
  aipServerAddrs              : ['255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)']
  aipListenAddrs              : ['255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)']
  aipForwarders               : []
  dwLogLevel                  : 0
  dwDebugLevel                : 0
  dwForwardTimeout            : 3
  dwRpcPrototol               : 0x5
  dwNameCheckFlag             : DNS_ALLOW_MULTIBYTE_NAMES
  cAddressAnswerLimit         : 0
  dwRecursionRetry            : 3
  dwRecursionTimeout          : 8
  dwMaxCacheTtl               : 86400
  dwDsPollingInterval         : 180
  dwScavengingInterval        : 0
  dwDefaultRefreshInterval    : 168
  dwDefaultNoRefreshInterval  : 168
  fAutoReverseZones           : FALSE
  fAutoCacheUpdate            : FALSE
  fRecurseAfterForwarding     : FALSE
  fForwardDelegations         : TRUE
  fNoRecursion                : FALSE
  fSecureResponses            : FALSE
  fRoundRobin                 : TRUE
  fLocalNetPriority           : FALSE
  fBindSecondaries            : FALSE
  fWriteAuthorityNs           : FALSE
  fStrictFileParsing          : FALSE
  fLooseWildcarding           : FALSE
  fDefaultAgingState          : FALSE
  dwRpcStructureVersion       : 0x2
  aipLogFilter                : []
  pwszLogFilePath             : None
  pszDomainName               : gac.lan
  pszForestName               : gac.lan
  pszDomainDirectoryPartition : DC=DomainDnsZones,DC=gac,DC=lan
  pszForestDirectoryPartition : DC=ForestDnsZones,DC=gac,DC=lan
  dwLocalNetPriorityNetMask   : 0xff
  dwLastScavengeTime          : 0
  dwEventLogLevel             : 4
  dwLogFileMaxSize            : 0
  dwDsForestVersion           : 2
  dwDsDomainVersion           : 2
  dwDsDsaVersion              : 4
  fReadOnlyDC                 : FALSE
Comment 1 Twan Duis 2015-01-12 01:32:44 UTC 
with the regular clients i mean one clients has problems while another not..
Comment 2 Björn Jacke 2015-12-11 16:09:27 UTC 
what does "host -t ns gac.lan" return. if you hav÷ regiatered all you DCs as nameservers they should return there. the settings of your nameservers in dhcp are a matter of your dhcp server not of samba then. if everythig is set up right it should work. if not please attach a wireshark trace of a dns query that fails.
Comment 3 Twan Duis 2015-12-14 09:55:27 UTC 
The output is:

[root@gacsmb001 ~]# host -t ns gac.lan
gac.lan name server gacsmb001.gac.lan.
gac.lan name server gacsmb003.gac.lan.
gac.lan name server gacsmb002.gac.lan.

Please close this call as the output is good. I need to check dhcp then..