On 8/17/18 11:03 AM, Rowland Penny via samba wrote:

> I know you say two IP ranges, but are you also thinking of two dns
> domains ?

No: one DNS domain.

> If you are only going to have one dns domain, then it should work, you
> will just have to create the required reverse zones and you will
> probably be better off using Bind9 instead of the internal dns server.

Why?
I'm using internal DNS right now; why would I be "better off" with Bind9? What are the shortcomings of internal DNS?

> You will also probably be better off using 'sites' with at least one DC
> in each site.

Is this really needed?
Consider my "sites" would both be local and I would only have one physical server facing both VLANs.

In any case, do you have a pointer to some documentation I can use (especially WRT to DNS)?

bye & Thanks
av.

On Fri, 17 Aug 2018 11:31:01 +0200 Andrea Venturoli via samba <samba at lists.samba.org> wrote:

> On 8/17/18 11:03 AM, Rowland Penny via samba wrote:
>
> > I know you say two IP ranges, but are you also thinking of two dns
> > domains ?
>
> No: one DNS domain.
>
> > If you are only going to have one dns domain, then it should work,
> > you will just have to create the required reverse zones and you will
> > probably be better off using Bind9 instead of the internal dns
> > server.
>
> Why?
> I'm using internal DNS right now; why would I be "better off" with
> Bind9? What are the shortcomings of internal DNS?

Once you get past one DC, using Bind9 gives better results.

> > You will also probably be better off using 'sites' with at least
> > one DC in each site.
>
> Is this really needed?
> Consider my "sites" would both be local and I would only have one
> physical server facing both VLANs.

That's a problem to start with, you really are better off with multiple DCs. I personally would use at least three in your case, one main DC and another DC in each site. This would ensure that you would have some fall back if a DC died.

> In any case, do you have a pointer to some documentation I can use
> (especially WRT to DNS)?

Yes, it is called the Samba wiki :-)

https://wiki.samba.org/index.php/Main_Page

Rowland

On 8/17/18 11:58 AM, Rowland Penny via samba wrote:

> That's a problem to start with, you really are better off with multiple
> DCs. I personally would use at least three in your case, one main DC
> and another DC in each site. This would ensure that you would have
> some fall back if a DC died.

Let's for a moment assume:
_ this is a test setup;
_ my network is very small (read 5-10 clients);
_ I cannot afford 3 DCs;
_ I really want to use internal DNS (unless a showstopper comes up);
_ I know I'm going with a suboptimal setup;
_ I won't come and whine here if the overall thing is slow and/or not so resilient.

>> In any case, do you have a pointer to some documentation I can use
>> (especially WRT to DNS)?
>
> Yes, it is called the Samba wiki :-)
>
> https://wiki.samba.org/index.php/Main_Page

Thanks.
I think I've read almost all of it several times in the past. However, as I said, checking it once again, I was not able to find the information I'm looking for.
Could you please point me to the pages I should be looking into in order to configure an AD DC DNS for use on two subnets?

If I added a second interface to the DC right now, I guess it would answer equally on both interfaces.
However, I suppose possibly:
_ client 192.168.0.x should be told dc.mydom.it=192.168.0.z, while
_ client 192.168.1.y should be told dc.mydom.it=192.168.1.z.

If this assumption is right, I don't have an idea on how to achieve this with internal DNS.
Perhaps this assumption is wrong, and the distinction should be made earlier when the SRV records are queried? Again, how?

I read in MS documentation about "IP Addresses mapping to Site Names", but again, you said sites are not strictly required, so I'm trying to figure out how this would work without them.

bye & Thanks
av.