Hello, what IP(s) should be set for each domain controller? If there are two should both have their own IP set in resolv.conf or should they have the IPs of both DCs? Or possibly just 127.0.0.1 on each DC? Second thing I had was that clients with DNS set to both DCs could not resolve a special host in the internet while the DNS forwarder can. I needed to restart DCs to get it work again. Thanks Tim
On 29/01/15 20:22, Tim wrote:> Hello, > > what IP(s) should be set for each domain controller? If there are two should both have their own IP set in resolv.conf or should they have the IPs of both DCs? Or possibly just 127.0.0.1 on each DC? > > Second thing I had was that clients with DNS set to both DCs could not resolve a special host in the internet while the DNS forwarder can. I needed to restart DCs to get it work again. > > Thanks > TimI just use 127.0.0.1 on each DC, after all, the DC should use itself for DNS and if something has gone wrong, having another DC to ask may not be any use. What could have happened in your case is that a client could have asked the first DC for a host on the internet, this DC didn't know so it asks the second DC, this DC doesn't know either so it asks the First DC and so on, a bit like table tennis :-D Rowland
Sounds logical. I didn't think about that. Possibly sth. for the wikis? Am 29. Januar 2015 21:36:13 MEZ, schrieb Rowland Penny <rowlandpenny at googlemail.com>:>On 29/01/15 20:22, Tim wrote: >> Hello, >> >> what IP(s) should be set for each domain controller? If there are two >should both have their own IP set in resolv.conf or should they have >the IPs of both DCs? Or possibly just 127.0.0.1 on each DC? >> >> Second thing I had was that clients with DNS set to both DCs could >not resolve a special host in the internet while the DNS forwarder can. >I needed to restart DCs to get it work again. >> >> Thanks >> Tim > >I just use 127.0.0.1 on each DC, after all, the DC should use itself >for >DNS and if something has gone wrong, having another DC to ask may not >be >any use. > >What could have happened in your case is that a client could have asked > >the first DC for a host on the internet, this DC didn't know so it asks > >the second DC, this DC doesn't know either so it asks the First DC and >so on, a bit like table tennis :-D > >Rowland > >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba
Am 29.01.2015 um 21:36 schrieb Rowland Penny:> I just use 127.0.0.1 on each DC, after all, the DC should use itself for > DNS and if something has gone wrong, having another DC to ask may not be > any use.If you're having more than one DC, then you should not use the own DNS as primary on a DC. It can cause problems like DNS islanding. Some DNS best practices: http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest We should mention this on the "Join as DC" page and somewhere on the DNS pages, too. I'll put this on my list. Regards, Marc
So if i did read right . .. In my case.. I have 2 DC ( with bind9 dns DLZ ) and i have 2 proxy servers with DNS (bind9) slaves for the DC's. I should point my /etc/resolv.conf of the DC's also to the slave dns servers? and in case of just 2 dc's without slave dns servers, point the DC1 to DC2 dns and DC2 to DC1 dns ? If thats the case i have to change my scripts ;-) Greetz, Louis>-----Oorspronkelijk bericht----- >Van: mmuehlfeld at samba.org >[mailto:samba-bounces at lists.samba.org] Namens Marc Muehlfeld >Verzonden: vrijdag 30 januari 2015 15:33 >Aan: Rowland Penny; samba at lists.samba.org >Onderwerp: Re: [Samba] resolv.conf setup and DNS issue > >Am 29.01.2015 um 21:36 schrieb Rowland Penny: >> I just use 127.0.0.1 on each DC, after all, the DC should >use itself for >> DNS and if something has gone wrong, having another DC to >ask may not be >> any use. > > >If you're having more than one DC, then you should not use the own DNS >as primary on a DC. It can cause problems like DNS islanding. > >Some DNS best practices: >http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail >-sack-saturday-edition.aspx#dnsbest > > >We should mention this on the "Join as DC" page and somewhere >on the DNS >pages, too. I'll put this on my list. > > >Regards, >Marc >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba > >