Hi, Thanks for your help. Is like magic, after a lot of tests without results and just now the file is finally created and works as expected... Maybe it need more time. Sorry for ask here, but I've asked because in this server bind is only a bridge between the Samba 4 and the other server and then i did not know if maybe i did something wrong or samba need any special configuration. Now i see how works and i know that the question is about bind only. Thanks again and greetings!! El 17 nov. 2015 1:28 p. m., "Reindl Harald" <h.reindl at thelounge.net> escribió:> i wonder why that is a samba-topic, anyways.... > > Am 17.11.2015 um 13:00 schrieb Daniel Carrasco Marín: > >> Is there any way to configure a slave bind server?. I'm trying to do it >> but >> the zone is not updated. >> > > surely, as you did > > Nov 17 12:51:07 SlaveServer named[25306]: xfer-in: info: transfer of >> 'domain.red/IN' from 192.168.222.250#53: connected using >> 192.168.222.254#27985 >> >> And master has no entries on log about this... >> > > then he did not get connected > > What i can be doing wrong? >> > > does TCP on port 53 work from the salve to the master? > telnet master-ip 53 > > zone transfers are *not* UDP and in general a nameserver needs to be > rechable via both UDP/TCP these days or things will randomly fail in case > of large responses > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Hello Daniel, Am 17.11.2015 um 21:13 schrieb Daniel Carrasco Marín:> Is like magic, after a lot of tests without results and just now the file > is finally created and works as expected... Maybe it need more time. > Sorry for ask here, but I've asked because in this server bind is only a > bridge between the Samba 4 and the other server and then i did not know if > maybe i did something wrong or samba need any special configuration. Now i > see how works and i know that the question is about bind only.Zone transfer control outside directory replication is currently not implemented. This means, whatever you setup in AD DNS via MMC; this setting is not respected and you will get an error if you try to change it. BIND9_DLZ currently allows zone transfers and you can't disable it. On the other hand, the internal DNS doesn't and you can't enable it. The last discussion about that was, that at least both should act the same way and disable zone transfers for BIND9_DLZ, too. Until yet, no one submitted a patch, but if you setup something that relies on that behaviour, you maybe get a surprise one day after updating. :-) For more about that discussion, see https://bugzilla.samba.org/show_bug.cgi?id=9634 Regards, Marc
I see, thanks for the info ;) Maybe one day will work, but for now is not a problem for me becase the Samba server is on a private network separated from users and WAN, and the slave server which is the "gateway", allow to block the domain transfers. Maybe my problem was the pfSense server and paths, because i've used the full path for the bind db file and now i see that did not work... Is strange because if i use the relative path works (and the folder is the same). Anyway, this is offtopic ;P ¡¡Greetings!! 2015-11-17 22:49 GMT+01:00 Marc Muehlfeld <mmuehlfeld at samba.org>:> Hello Daniel, > > Am 17.11.2015 um 21:13 schrieb Daniel Carrasco Marín: > > Is like magic, after a lot of tests without results and just now the file > > is finally created and works as expected... Maybe it need more time. > > Sorry for ask here, but I've asked because in this server bind is only a > > bridge between the Samba 4 and the other server and then i did not know > if > > maybe i did something wrong or samba need any special configuration. Now > i > > see how works and i know that the question is about bind only. > > Zone transfer control outside directory replication is currently not > implemented. This means, whatever you setup in AD DNS via MMC; this > setting is not respected and you will get an error if you try to change it. > > BIND9_DLZ currently allows zone transfers and you can't disable it. On > the other hand, the internal DNS doesn't and you can't enable it. > > The last discussion about that was, that at least both should act the > same way and disable zone transfers for BIND9_DLZ, too. Until yet, no > one submitted a patch, but if you setup something that relies on that > behaviour, you maybe get a surprise one day after updating. :-) For more > about that discussion, see > https://bugzilla.samba.org/show_bug.cgi?id=9634 > > > Regards, > Marc >