nslookup google.com ;; Got recursion not available from 192.168.1.236, trying next server Server: 192.168.1.235 Address: 192.168.1.235#53 Non-authoritative answer: Name: google.com Address: 172.217.4.78 Interesting little bit about the "Recursion not available" On Thu, Jun 30, 2016 at 9:52 AM, lingpanda101 at gmail.com < lingpanda101 at gmail.com> wrote:> On 6/30/2016 9:41 AM, Garland McAlexander wrote: > >> Hosts: >> >> 127.0.0.1 localhost localhost.localdomain localhost4 >> localhost4.localdomain4 >> ::1 localhost localhost.localdomain localhost6 >> localhost6.localdomain6 >> 192.168.1.235 bus-ny-dc-01.domain.domain.com < >> http://bus-ny-dc-01.domain.domain.com> bus-ny-dc-01 >> >> >> Resolv: >> >> # Generated by NetworkManager >> search domain.domain.com <http://domain.domain.com> >> nameserver 192.168.1.236 >> nameserver 192.168.1.235 >> >> Smb.conf: >> >> # Global parameters >> [global] >> workgroup = DOMAIN >> realm = DOMAIN.DOMAIN.COM <http://DOMAIN.DOMAIN.COM> >> netbios name = BUS-NY-DC-01 >> server role = active directory domain controller >> dns forwarder = 8.8.8.8 >> printing = bsd >> printcap name = /dev/null >> >> [netlogon] >> path = /var/lib/samba/sysvol/domain.domain.com/scripts < >> http://domain.domain.com/scripts> >> read only = No >> >> [sysvol] >> path = /var/lib/samba/sysvol >> read only = No >> >> >> >> On Thu, Jun 30, 2016 at 9:36 AM, lingpanda101 at gmail.com <mailto: >> lingpanda101 at gmail.com> <lingpanda101 at gmail.com <mailto: >> lingpanda101 at gmail.com>> wrote: >> >> On 6/30/2016 9:25 AM, Garland McAlexander wrote: >> >> Yes, it's set up with 8.8.8.8 >> >> I'm able to ping it without issues, jut not able to resolve >> anything >> externally. >> >> On Thu, Jun 30, 2016 at 9:09 AM, mathias dufresne >> <infractory at gmail.com <mailto:infractory at gmail.com>> >> wrote: >> >> To get recursion working with internal DNS you only need >> to set up: >> dns forwarder = <IP of your main DNS> >> >> Is it configured? >> >> If yes and packets can go from your broken DC to "your >> main DNS" using TCP >> and also UDP, there is an issue. >> >> 2016-06-30 14:58 GMT+02:00 Garland McAlexander >> <garland at linear.nyc>: >> >> It's samba internal DNS. Only one DNS zone, and it's >> domain.domain.tld. >> It'll function perfectly, and then cease to function >> at a random time. >> >> On Thu, Jun 30, 2016 at 5:31 AM, Mueller >> <mueller at tropenklinik.de >> <mailto:mueller at tropenklinik.de>> wrote: >> >> What kind of DNS, bind or internal? >> With bind an samba 4.3.4 I have an issue and I >> have to restart bind an >> avahi: >> s4slave named-sdb[8750]: error (connection >> refused) resolving ' >> thefreelanceforum.com/AAAA/IN >> <http://thefreelanceforum.com/AAAA/IN>': >> 192.12.94.30#53. >> >> Only a restart of bind resolves this. >> >> >> EDV Daniel Müller >> >> Leitung EDV >> Tropenklinik Paul-Lechler-Krankenhaus >> Paul-Lechler-Str. 24 >> 72076 Tübingen >> Tel.: 07071/206-463, Fax: 07071/206-499 >> Email: mueller at tropenklinik.de >> <mailto:mueller at tropenklinik.de> >> www.tropenklinik.de <http://www.tropenklinik.de> >> www.bauen-sie-mit.tropenklinik.de >> <http://www.bauen-sie-mit.tropenklinik.de> >> >> >> >> >> -----Ursprüngliche Nachricht----- >> Von: Garland McAlexander >> [mailto:garland at linear.nyc >> <mailto:garland at linear.nyc>] >> Gesendet: Donnerstag, 30. Juni 2016 10:52 >> An: samba at lists.samba.org >> <mailto:samba at lists.samba.org> >> >> Betreff: [Samba] DNS Suddenly breaking >> >> Hi All, >> >> I've got a newly created Samba4 domain. I'm >> running into a strange >> >> issue >> >> where my internal DNS on my first domain >> controller is "breaking" >> >> causing >> >> it to not resolve any external hosts. It'll still >> resolve internal hosts >> without issue. This is only on the first DC, the >> second DC is running >> perfectly fine and can access external hosts >> without issue. >> >> There is absolutely NOTHING in the logs about >> this. I cannot find where >> this is going wrong, and sometimes it seems that >> it'll randomly fix >> >> itself. >> >> Any help is sincerely appreciated. >> -- >> To unsubscribe from this list go to the following >> URL and read the >> instructions: >> https://lists.samba.org/mailman/options/samba >> >> >> >> -- >> *Sincerely,* >> *Garland McAlexander* >> *O: 212-271-0198 <tel:212-271-0198>* >> *C: 321-315-9948 <tel:321-315-9948>* >> -- >> To unsubscribe from this list go to the following URL >> and read the >> instructions: >> https://lists.samba.org/mailman/options/samba >> >> >> >> >> Can you post your hosts file, resolv.conf and smb.conf from DC1? >> >> -- -James >> >> >> >> -- To unsubscribe from this list go to the following URL and read >> the >> instructions: https://lists.samba.org/mailman/options/samba >> >> >> >> >> -- >> /Sincerely,/ >> /Garland McAlexander/ >> /O: 212-271-0198/ >> /C: 321-315-9948/ >> >> Nothing out of the ordinary. Does the issue happen on the server side or > client side? Can you run 'nslookup google.com' from the DC? It should > look similar to this. > > nslookup google.com > Server: 192.168.1.236 > Address: 192.168.1.236#53 > > Non-authoritative answer: > Name: google.com > Address: 172.217.2.206 > > Can you rerun the same if it also happens from the client side? > > > > -- > -James > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- *Sincerely,* *Garland McAlexander* *O: 212-271-0198* *C: 321-315-9948*
On 6/30/2016 9:57 AM, Garland McAlexander wrote:> nslookup google.com <http://google.com> > ;; Got recursion not available from 192.168.1.236, trying next server > Server: 192.168.1.235 > Address: 192.168.1.235#53 > > Non-authoritative answer: > Name: google.com <http://google.com> > Address: 172.217.4.78 > > > Interesting little bit about the "Recursion not available" > > On Thu, Jun 30, 2016 at 9:52 AM, lingpanda101 at gmail.com > <mailto:lingpanda101 at gmail.com> <lingpanda101 at gmail.com > <mailto:lingpanda101 at gmail.com>> wrote: > > On 6/30/2016 9:41 AM, Garland McAlexander wrote: > > Hosts: > > 127.0.0.1 localhost localhost.localdomain localhost4 > localhost4.localdomain4 > ::1 localhost localhost.localdomain localhost6 > localhost6.localdomain6 > 192.168.1.235 bus-ny-dc-01.domain.domain.com > <http://bus-ny-dc-01.domain.domain.com> > <http://bus-ny-dc-01.domain.domain.com> bus-ny-dc-01 > > > Resolv: > > # Generated by NetworkManager > search domain.domain.com <http://domain.domain.com> > <http://domain.domain.com> > nameserver 192.168.1.236 > nameserver 192.168.1.235 > > Smb.conf: > > # Global parameters > [global] > workgroup = DOMAIN > realm = DOMAIN.DOMAIN.COM <http://DOMAIN.DOMAIN.COM> > <http://DOMAIN.DOMAIN.COM> > netbios name = BUS-NY-DC-01 > server role = active directory domain controller > dns forwarder = 8.8.8.8 > printing = bsd > printcap name = /dev/null > > [netlogon] > path = /var/lib/samba/sysvol/domain.domain.com/scripts > <http://domain.domain.com/scripts> > <http://domain.domain.com/scripts> > read only = No > > [sysvol] > path = /var/lib/samba/sysvol > read only = No > > > > On Thu, Jun 30, 2016 at 9:36 AM, lingpanda101 at gmail.com > <mailto:lingpanda101 at gmail.com> <mailto:lingpanda101 at gmail.com > <mailto:lingpanda101 at gmail.com>> <lingpanda101 at gmail.com > <mailto:lingpanda101 at gmail.com> <mailto:lingpanda101 at gmail.com > <mailto:lingpanda101 at gmail.com>>> wrote: > > On 6/30/2016 9:25 AM, Garland McAlexander wrote: > > Yes, it's set up with 8.8.8.8 > > I'm able to ping it without issues, jut not able to > resolve > anything > externally. > > On Thu, Jun 30, 2016 at 9:09 AM, mathias dufresne > <infractory at gmail.com <mailto:infractory at gmail.com> > <mailto:infractory at gmail.com <mailto:infractory at gmail.com>>> > wrote: > > To get recursion working with internal DNS you > only need > to set up: > dns forwarder = <IP of your main DNS> > > Is it configured? > > If yes and packets can go from your broken DC to "your > main DNS" using TCP > and also UDP, there is an issue. > > 2016-06-30 14:58 GMT+02:00 Garland McAlexander > <garland at linear.nyc>: > > It's samba internal DNS. Only one DNS zone, > and it's > domain.domain.tld. > It'll function perfectly, and then cease to > function > at a random time. > > On Thu, Jun 30, 2016 at 5:31 AM, Mueller > <mueller at tropenklinik.de > <mailto:mueller at tropenklinik.de> > <mailto:mueller at tropenklinik.de > <mailto:mueller at tropenklinik.de>>> wrote: > > What kind of DNS, bind or internal? > With bind an samba 4.3.4 I have an issue and I > have to restart bind an > avahi: > s4slave named-sdb[8750]: error (connection > refused) resolving ' > thefreelanceforum.com/AAAA/IN > <http://thefreelanceforum.com/AAAA/IN> > <http://thefreelanceforum.com/AAAA/IN>': > 192.12.94.30#53. > > Only a restart of bind resolves this. > > > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > Tel.: 07071/206-463, Fax: 07071/206-499 > Email: mueller at tropenklinik.de > <mailto:mueller at tropenklinik.de> > <mailto:mueller at tropenklinik.de > <mailto:mueller at tropenklinik.de>> > www.tropenklinik.de <http://www.tropenklinik.de> > <http://www.tropenklinik.de> > www.bauen-sie-mit.tropenklinik.de > <http://www.bauen-sie-mit.tropenklinik.de> > <http://www.bauen-sie-mit.tropenklinik.de> > > > > > -----Ursprüngliche Nachricht----- > Von: Garland McAlexander > [mailto:garland at linear.nyc > <mailto:garland at linear.nyc> > <mailto:garland at linear.nyc > <mailto:garland at linear.nyc>>] > Gesendet: Donnerstag, 30. Juni 2016 10:52 > An: samba at lists.samba.org > <mailto:samba at lists.samba.org> > <mailto:samba at lists.samba.org > <mailto:samba at lists.samba.org>> > > Betreff: [Samba] DNS Suddenly breaking > > Hi All, > > I've got a newly created Samba4 domain. I'm > running into a strange > > issue > > where my internal DNS on my first domain > controller is "breaking" > > causing > > it to not resolve any external hosts. > It'll still > resolve internal hosts > without issue. This is only on the first > DC, the > second DC is running > perfectly fine and can access external hosts > without issue. > > There is absolutely NOTHING in the logs about > this. I cannot find where > this is going wrong, and sometimes it > seems that > it'll randomly fix > > itself. > > Any help is sincerely appreciated. > -- > To unsubscribe from this list go to the > following > URL and read the > instructions: > https://lists.samba.org/mailman/options/samba > > > > -- > *Sincerely,* > *Garland McAlexander* > *O: 212-271-0198 <tel:212-271-0198> > <tel:212-271-0198 <tel:212-271-0198>>* > *C: 321-315-9948 <tel:321-315-9948> > <tel:321-315-9948 <tel:321-315-9948>>* > -- > To unsubscribe from this list go to the > following URL > and read the > instructions: > https://lists.samba.org/mailman/options/samba > > > > > Can you post your hosts file, resolv.conf and smb.conf > from DC1? > > -- -James > > > > -- To unsubscribe from this list go to the following > URL and read the > instructions: https://lists.samba.org/mailman/options/samba > > > > > -- > /Sincerely,/ > /Garland McAlexander/ > /O: 212-271-0198 <tel:212-271-0198>/ > /C: 321-315-9948 <tel:321-315-9948>/ > > Nothing out of the ordinary. Does the issue happen on the server > side or client side? Can you run 'nslookup google.com > <http://google.com>' from the DC? It should look similar to this. > > nslookup google.com <http://google.com> > Server: 192.168.1.236 > Address: 192.168.1.236#53 > > Non-authoritative answer: > Name: google.com <http://google.com> > Address: 172.217.2.206 > > Can you rerun the same if it also happens from the client side? > > > > -- > -James > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > > > > > -- > /Sincerely,/ > /Garland McAlexander/ > /O: 212-271-0198/ > /C: 321-315-9948/ >This tells me the issue is on DC2 and not DC1. Can you post the same configs from DC2? -- -James
from both DC: dig google.com dig @8.8.8.8 google.com First dig will use resolvers declared into /etc/resolv.conf. Second dig forces usage of 8.8.8.8. Both commands should reply the same things, on all DC. 2016-06-30 15:58 GMT+02:00 lingpanda101 at gmail.com <lingpanda101 at gmail.com>:> On 6/30/2016 9:57 AM, Garland McAlexander wrote: > >> nslookup google.com <http://google.com> >> ;; Got recursion not available from 192.168.1.236, trying next server >> Server: 192.168.1.235 >> Address: 192.168.1.235#53 >> >> Non-authoritative answer: >> Name: google.com <http://google.com> >> Address: 172.217.4.78 >> >> >> Interesting little bit about the "Recursion not available" >> >> >> On Thu, Jun 30, 2016 at 9:52 AM, lingpanda101 at gmail.com <mailto: >> lingpanda101 at gmail.com> <lingpanda101 at gmail.com <mailto: >> lingpanda101 at gmail.com>> wrote: >> >> On 6/30/2016 9:41 AM, Garland McAlexander wrote: >> >> Hosts: >> >> 127.0.0.1 localhost localhost.localdomain localhost4 >> localhost4.localdomain4 >> ::1 localhost localhost.localdomain localhost6 >> localhost6.localdomain6 >> 192.168.1.235 bus-ny-dc-01.domain.domain.com >> <http://bus-ny-dc-01.domain.domain.com> >> <http://bus-ny-dc-01.domain.domain.com> bus-ny-dc-01 >> >> >> Resolv: >> >> # Generated by NetworkManager >> search domain.domain.com <http://domain.domain.com> >> <http://domain.domain.com> >> nameserver 192.168.1.236 >> nameserver 192.168.1.235 >> >> Smb.conf: >> >> # Global parameters >> [global] >> workgroup = DOMAIN >> realm = DOMAIN.DOMAIN.COM <http://DOMAIN.DOMAIN.COM> >> <http://DOMAIN.DOMAIN.COM> >> netbios name = BUS-NY-DC-01 >> server role = active directory domain controller >> dns forwarder = 8.8.8.8 >> printing = bsd >> printcap name = /dev/null >> >> [netlogon] >> path = /var/lib/samba/sysvol/domain.domain.com/scripts >> <http://domain.domain.com/scripts> >> <http://domain.domain.com/scripts> >> read only = No >> >> [sysvol] >> path = /var/lib/samba/sysvol >> read only = No >> >> >> >> On Thu, Jun 30, 2016 at 9:36 AM, lingpanda101 at gmail.com >> <mailto:lingpanda101 at gmail.com> <mailto:lingpanda101 at gmail.com >> <mailto:lingpanda101 at gmail.com>> <lingpanda101 at gmail.com >> <mailto:lingpanda101 at gmail.com> <mailto:lingpanda101 at gmail.com >> <mailto:lingpanda101 at gmail.com>>> wrote: >> >> On 6/30/2016 9:25 AM, Garland McAlexander wrote: >> >> Yes, it's set up with 8.8.8.8 >> >> I'm able to ping it without issues, jut not able to >> resolve >> anything >> externally. >> >> On Thu, Jun 30, 2016 at 9:09 AM, mathias dufresne >> <infractory at gmail.com <mailto:infractory at gmail.com> >> <mailto:infractory at gmail.com <mailto:infractory at gmail.com>>> >> wrote: >> >> To get recursion working with internal DNS you >> only need >> to set up: >> dns forwarder = <IP of your main DNS> >> >> Is it configured? >> >> If yes and packets can go from your broken DC to "your >> main DNS" using TCP >> and also UDP, there is an issue. >> >> 2016-06-30 14:58 GMT+02:00 Garland McAlexander >> <garland at linear.nyc>: >> >> It's samba internal DNS. Only one DNS zone, >> and it's >> domain.domain.tld. >> It'll function perfectly, and then cease to >> function >> at a random time. >> >> On Thu, Jun 30, 2016 at 5:31 AM, Mueller >> <mueller at tropenklinik.de >> <mailto:mueller at tropenklinik.de> >> <mailto:mueller at tropenklinik.de >> <mailto:mueller at tropenklinik.de>>> wrote: >> >> What kind of DNS, bind or internal? >> With bind an samba 4.3.4 I have an issue and I >> have to restart bind an >> avahi: >> s4slave named-sdb[8750]: error (connection >> refused) resolving ' >> thefreelanceforum.com/AAAA/IN >> <http://thefreelanceforum.com/AAAA/IN> >> <http://thefreelanceforum.com/AAAA/IN>': >> 192.12.94.30#53. >> >> Only a restart of bind resolves this. >> >> >> EDV Daniel Müller >> >> Leitung EDV >> Tropenklinik Paul-Lechler-Krankenhaus >> Paul-Lechler-Str. 24 >> 72076 Tübingen >> Tel.: 07071/206-463, Fax: 07071/206-499 >> Email: mueller at tropenklinik.de >> <mailto:mueller at tropenklinik.de> >> <mailto:mueller at tropenklinik.de >> <mailto:mueller at tropenklinik.de>> >> www.tropenklinik.de <http://www.tropenklinik.de> >> <http://www.tropenklinik.de> >> www.bauen-sie-mit.tropenklinik.de >> <http://www.bauen-sie-mit.tropenklinik.de> >> <http://www.bauen-sie-mit.tropenklinik.de> >> >> >> >> >> -----Ursprüngliche Nachricht----- >> Von: Garland McAlexander >> [mailto:garland at linear.nyc >> <mailto:garland at linear.nyc> >> <mailto:garland at linear.nyc >> <mailto:garland at linear.nyc>>] >> Gesendet: Donnerstag, 30. Juni 2016 10:52 >> An: samba at lists.samba.org >> <mailto:samba at lists.samba.org> >> <mailto:samba at lists.samba.org >> >> <mailto:samba at lists.samba.org>> >> >> Betreff: [Samba] DNS Suddenly breaking >> >> Hi All, >> >> I've got a newly created Samba4 domain. I'm >> running into a strange >> >> issue >> >> where my internal DNS on my first domain >> controller is "breaking" >> >> causing >> >> it to not resolve any external hosts. >> It'll still >> resolve internal hosts >> without issue. This is only on the first >> DC, the >> second DC is running >> perfectly fine and can access external hosts >> without issue. >> >> There is absolutely NOTHING in the logs about >> this. I cannot find where >> this is going wrong, and sometimes it >> seems that >> it'll randomly fix >> >> itself. >> >> Any help is sincerely appreciated. >> -- >> To unsubscribe from this list go to the >> following >> URL and read the >> instructions: >> https://lists.samba.org/mailman/options/samba >> >> >> >> -- >> *Sincerely,* >> *Garland McAlexander* >> *O: 212-271-0198 <tel:212-271-0198> >> <tel:212-271-0198 <tel:212-271-0198>>* >> *C: 321-315-9948 <tel:321-315-9948> >> <tel:321-315-9948 <tel:321-315-9948>>* >> -- >> To unsubscribe from this list go to the >> following URL >> and read the >> instructions: >> https://lists.samba.org/mailman/options/samba >> >> >> >> >> Can you post your hosts file, resolv.conf and smb.conf >> from DC1? >> >> -- -James >> >> >> >> -- To unsubscribe from this list go to the following >> URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >> >> >> >> -- /Sincerely,/ >> /Garland McAlexander/ >> /O: 212-271-0198 <tel:212-271-0198>/ >> /C: 321-315-9948 <tel:321-315-9948>/ >> >> Nothing out of the ordinary. Does the issue happen on the server >> side or client side? Can you run 'nslookup google.com >> <http://google.com>' from the DC? It should look similar to this. >> >> nslookup google.com <http://google.com> >> Server: 192.168.1.236 >> Address: 192.168.1.236#53 >> >> Non-authoritative answer: >> Name: google.com <http://google.com> >> Address: 172.217.2.206 >> >> Can you rerun the same if it also happens from the client side? >> >> >> >> -- -James >> >> -- To unsubscribe from this list go to the following URL and read >> the >> instructions: https://lists.samba.org/mailman/options/samba >> >> >> >> >> -- >> /Sincerely,/ >> /Garland McAlexander/ >> /O: 212-271-0198/ >> /C: 321-315-9948/ >> >> This tells me the issue is on DC2 and not DC1. Can you post the same > configs from DC2? > > > > -- > -James > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >