"David González Herrera - [DGHVoIP]"
2013-Jun-20 17:55 UTC
[Samba] DNS replication and BDCs
Hi,

For normal readers you know already my setup, but for those new here, I have a Samba4 PDC and two BDCs one a samba4 and the other a W2k8 R2 machine.

Yesterday we had problems with our upstream service provider and my PDC (Backend BIND 9 DLZ) went down for some hours, as you might guess my whole AD was down due to the fact that the main DNS was down.

I would like you to point me or tell me how do I create a fail-over or high availability system so that when one of the DCs is down the other takes over Auth tasks and obviously DNS.

I've thought a solution would be to make a slave BIND DNS on another server and replicate the Samba Zone and add appropriate NS and A records to the main zone so that clients can query another DNS for the zone and not fail as I faced yesterday. This is a production environment scenario and I have many servers authenticating users against the samba server so if this fails everything else does.

I'd really appreciate your advice here.

Thanks again.

--
David Gonzalez
DGHVoIP
USA: MOBILE: +1.646.559.6200
COL: +57.1.382.6718
COL: +57.4.247.0985
URL: www.dghvoip.com
Skype: davidgonzalezh

Hello David,

On 20.06.2013 19:55, "David González Herrera - [DGHVoIP]" wrote:
> I would like you to point me or tell me how do I create a fail-over or
> high availability system so that when one of the DCs is down the other
> takes over Auth tasks and obviously DNS.
>
> I've thought a solution would be to make a slave BIND DNS on another
> server and replicate the Samba Zone and add appropriate NS and A
> records to the main zone so that clients can query another DNS for the
> zone and not fail as I faced yesterday. This is a production environment
> scenario and I have many servers authenticating users against the samba
> server so if this fails everything else does.

When you join a second DC to the AD (http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC), then the DNS part is also automatically replicated.

As you already have a second DC, please check if Samba (or BIND) is listening on port 53 to answer DNS queries.

    # netstat -taunp | grep ":53"

Then you only have to configure your clients to use the second machine as DNS server, too. There's nothing special you have to do here.

You can use BIND or the internal DNS on the other DCs. It doesn't need to be the same as on your first one.

Regards,
Marc
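
A stricter form of the port 53 check from the reply above, as an added example that is not part of the original thread: `grep ":53"` also matches mDNS on 5353 and ephemeral ports such as 53412, and it does not show whether the listener is bound to loopback only. The function and sample names are hypothetical, and the netstat lines and 192.0.2.x addresses are constructed.

```shell
#!/bin/sh
# Added example. Reads `netstat -taunp` output on stdin, prints each socket
# bound to exactly port 53, then RESULT ok / RESULT missing.
check_dns_listeners() {
    awk '
    ($1 ~ /^tcp/ && $6 == "LISTEN") || $1 ~ /^udp/ {
        port = $4; sub(/.*:/, "", port)       # text after the last colon
        if (port != "53") next                # drops 5353 (mDNS), 53412, ...
        addr = $4; sub(/:[^:]*$/, "", addr)   # text before the last colon
        proto = substr($1, 1, 3)              # tcp6/udp6 count as tcp/udp
        loop = (addr ~ /^127\./ || addr == "::1")
        print proto, addr, (loop ? "loopback-only" : "reachable")
        if (!loop) seen[proto] = 1
    }
    END { print "RESULT", ((seen["tcp"] && seen["udp"]) ? "ok" : "missing") }'
}

# Constructed sample: a DC that serves DNS to the network.
sample_serving() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address    Foreign Address   State       PID/Program name
tcp        0      0 192.0.2.11:53    0.0.0.0:*         LISTEN      1201/named
tcp        0      0 127.0.0.1:53     0.0.0.0:*         LISTEN      1201/named
tcp        0      0 192.0.2.11:53412 192.0.2.10:389    ESTABLISHED 1310/samba
udp        0      0 192.0.2.11:53    0.0.0.0:*                     1201/named
udp        0      0 0.0.0.0:5353     0.0.0.0:*                     812/avahi-daemon
EOF
}

# Constructed sample: DNS bound to loopback only; grep ":53" still shows hits.
sample_loopback() {
    cat <<'EOF'
tcp        0      0 127.0.0.1:53     0.0.0.0:*         LISTEN      1201/named
udp        0      0 127.0.0.1:53     0.0.0.0:*                     1201/named
udp        0      0 0.0.0.0:5353     0.0.0.0:*                     812/avahi-daemon
EOF
}

sample_serving  | check_dns_listeners
sample_loopback | check_dns_listeners
```

On a real DC, pipe the live output through it: `netstat -taunp | check_dns_listeners`. A `RESULT missing` verdict means clients pointed at that machine would not get DNS answers over both TCP and UDP.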