Please ignore, resolved now (although I don't know why or how). Strange that things always resolve only after (!) posting to this list. The latter seems to work in magic ways. ;) Rowland, thank you very much for your quick replay!! I was able to ping the forwarder, but i wasn't able to resolve any hostnames on the DCs themselves. After I restarted the samba services, the issue went away. I did some changes to the smb.conf and only applied them via "smbcontrol all reload-config". Seems that a complete service restart was necessary for whatever reason. Thanks again! Ole On 29.05.2018 13:59, Rowland Penny via samba wrote:> On Tue, 29 May 2018 13:40:50 +0200 > Ole Traupe via samba <samba at lists.samba.org> wrote: > >> Hi list, >> >> Today, DNS forwarding stopped working for my domain, and I have no >> clue as to why. We are using Samba internal DNS. >> >> It stopped working for one DC on old hardware a couple of days ago. I >> suspected a hard drive issue (bad blocks in DNS related files) and >> wanted to replace the server in the next days. >> >> Today I rebooted the other DC due to maintenance of the host machine, >> and DNS forwarding stopped working there as well. >> >> I am puzzled as everything else seems to be working fine (Windows >> log-ons, file access on a member server). >> >> Where can I look, what can I do? >> >> Please help. This domain is in production and we basically don't have >> any internet now. >> >> Thanks, >> Ole >> >> >> > First post your smb.conf > Can you ping the forwarder from the DC ? > Is anything listening on port 53 on the DC ? > Is anything listening on port 53 on the DC that shouldn't be ? > OS ? > Samba version ? > > Rowland >
On Tue, 29 May 2018 14:05:23 +0200 Ole Traupe via samba <samba at lists.samba.org> wrote:> Please ignore, resolved now (although I don't know why or how). > Strange that things always resolve only after (!) posting to this > list. The latter seems to work in magic ways. ;) > > Rowland, thank you very much for your quick replay!! I was able to > ping the forwarder, but i wasn't able to resolve any hostnames on the > DCs themselves. After I restarted the samba services, the issue went > away. I did some changes to the smb.conf and only applied them via > "smbcontrol all reload-config". Seems that a complete service restart > was necessary for whatever reason. >Hmm, there is a problem with Bind9, if you reload the config, it falls over, everybody pointed at Bind9, but now I am not so sure. Could it be that it is actually a Samba problem ?? Rowland
On 29.05.2018 14:13, Rowland Penny via samba wrote:> On Tue, 29 May 2018 14:05:23 +0200 > Ole Traupe via samba <samba at lists.samba.org> wrote: > >> Please ignore, resolved now (although I don't know why or how). >> Strange that things always resolve only after (!) posting to this >> list. The latter seems to work in magic ways. ;) >> >> Rowland, thank you very much for your quick replay!! I was able to >> ping the forwarder, but i wasn't able to resolve any hostnames on the >> DCs themselves. After I restarted the samba services, the issue went >> away. I did some changes to the smb.conf and only applied them via >> "smbcontrol all reload-config". Seems that a complete service restart >> was necessary for whatever reason. >> > Hmm, there is a problem with Bind9, if you reload the config, it falls > over, everybody pointed at Bind9, but now I am not so sure. Could it be > that it is actually a Samba problem ?? > > Rowland >I am not sure. I am using the internal DNS server. So, a while ago I tried to resolve a completely different issue with DNS (interference by a Windows security software module with TLS encrypted traffic). I tried a different (valid as such) DNS forwarder and apparently entered an incorrect value - and applied that modification via "smbcontrol all reload-config". It did not have an effect, and so I forgot about it. Until restarting my DCs due to different reasons one after the other. Then I found the mistake and corrected it, but again that didn't help - until I realized that I need to restart the service (which was done implicitly via the machine reboot). So basically, I do these things not often enough to remember their peculiarities. However, if DNS resolver changes should apply via "smbcontrol all reload-config", then there clearly is something wrong.