Greg Zartman
2014-Nov-14 02:10 UTC
[Samba] SOLVED dnscache in front of samba4 internal dns (was: Re: Samba internal DNS + 2nd DNS)
On Sun, Oct 26, 2014 at 11:37 PM, Greg Zartman <gzartman at koozali.org> wrote:

> I'm working to setup Samba4 and my current centos server deployment uses
> TinyDNS/DNSCache for the DNS. Understanding that it is best to use Samba's
> internal DNS for AD, I'm wondering how others are doing DNS? I really
> don't want to use BIND.
>
> Should my DHCP server send ddns updates to Samba's internal DNS for client
> leases?
>

I just wanted to follow up on this. One of the developers in the SME Project successfully was able to get a dnscache running in front of Samba4 internal DNS using the following:

    iptables -t nat -I PREROUTING --in-interface eth0 -p tcp -d [localIP] --destination-port 53 -j DNAT --to-destination [ip_dnscache_listens_on]

More details in this bug report: http://bugs.contribs.org/show_bug.cgi?id=8638

This allows us to have an instance of dnscache running in front of samba4 and delegating DNS. dnscache delegates DNS for the samba4 domain to the samba4 internal DNS.

What this does for us is get resolving dns in front of samba4, doesn't require BIND, and doesn't rely upon the relatively new dns code in Samba4.

It's a pity the Samba team didn't look at djb DNS instead of DNS masq when working to implement AD DNS in Samba 4. They could have saved themselves quite a lot of work. djb DNS is very solid and lightweight and does everything BIND will do: http://cr.yp.to/djbdns.html
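The setup described in the message above, sketched as an added example that is not part of the original post or the SME Project's code: it writes the dnscache `root/servers/<zone>` delegation files that point the AD zone at Samba's internal DNS, and prints the DNAT rule from the post. The function names, zone names and 192.0.2.x addresses are constructed, and the UDP rule is an assumption added here (the post shows only the TCP rule; DNS queries normally arrive over UDP).

```shell
#!/bin/sh
# Added example; function names, zones and addresses are assumptions.
# is_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# delegate_zone ROOT ZONE IP...: dnscache asks the servers listed in
# ROOT/servers/ZONE (one IP per line) for names under ZONE.
delegate_zone() {
    [ $# -ge 3 ] || { echo "usage: delegate_zone ROOT ZONE IP..." >&2; return 1; }
    root=$1; zone=$2; shift 2
    case $zone in
        ''|*/*|.*|*[!A-Za-z0-9._-]*) echo "bad zone: $zone" >&2; return 1 ;;
    esac
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    mkdir -p "$root/servers" || return 1
    printf '%s\n' "$@" > "$root/servers/$zone"
}

# nat_rules IFACE LOCAL_IP CACHE_IP: print (do not run) the redirect rules.
# The tcp line is the rule from the post; the udp line is an assumption.
nat_rules() {
    iface=$1; local_ip=$2; cache_ip=$3
    is_ipv4 "$local_ip" && is_ipv4 "$cache_ip" || return 1
    for proto in tcp udp; do
        echo "iptables -t nat -I PREROUTING --in-interface $iface -p $proto -d $local_ip --destination-port 53 -j DNAT --to-destination $cache_ip"
    done
}

# Constructed demo: Samba DNS on 192.0.2.10, dnscache on 192.0.2.2.
demo_root=$(mktemp -d)
delegate_zone "$demo_root" ad.example.test 192.0.2.10
delegate_zone "$demo_root" 2.0.192.in-addr.arpa 192.0.2.10
nat_rules eth0 192.0.2.1 192.0.2.2
```

In a real deployment ROOT would be the dnscache service's `root` directory, and dnscache needs a restart to pick up new files under `root/servers`.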