On 12/16/20 2:58 PM, Joachim Lindenberg via samba wrote:
> I don't know Alex's use case, but I want to run a pi-hole (for ad blocking)
> and a stubby (for DNS-over-TLS) upstream, ideally both with docker. And I'd
> prefer to run all of them on one box, as I have to run three DCs anyway,
> separating them out to different VMs implies nine VMs just for DNS.
> 127.0.x.y is one option that can work though.
> Best Regards, Joachim
>
I think these kinds of flexible configuration option problems will
become easier to manage if people don't use the AD DNS as the network
recursive DNS server.
My ideal configuration puts the primary network DNS in front of the
Samba DNS this way:
+---------------+         +-----------------+
|  Network DNS  |------>  |  Forwarder DNS  |
+---------------+         +-----------------+
        |
        |
        |          +----------+
        |------>   |  AD DNS  |
                   +----------+
But on the other hand, someone may want to set up a small network where
the complexity of adding another DNS is too much, and is happy with
using the Samba DNS as the network primary DNS, so Samba accepting
another port doesn't sound so weird, for example when ISPs filter port
53 to redirect them to their crappy DNS.
>
> -----Original Message-----
> From: samba <samba-bounces at lists.samba.org> On Behalf Of Rowland penny via samba
> Sent: Wednesday, 16 December 2020 19:27
> To: samba at lists.samba.org
> Subject: Re: [Samba] Samba 4 custom ports for DNS in 2020?
>
> On 16/12/2020 17:54, Alex Orlov via samba wrote:
>> Hello all,
>>
>> I found many old threads in samba mailing list that samba internal
>> server doesn't support custom ports (other than 53). Besides, I
>> couldn't make samba work with dns forwarder = x.x.x.x:non_53_port.
>>
>> So, could anyone say if it's possible in samba 4 to set custom port
>> for internal dns server or make forwarding to non 53 port in 2020?
>>
>> --
>> Best regards, Alex Orlov
>
> This sounds like you want to run two dns servers on the same computer, if
> this is the case, then you may be able to get an extra dns server running on
> another IP (such as 127.0.1.1) but there wouldn't be much point. The Samba
> dns server must be authoritative for AD dns domain and the computer must be
> running in the AD dns domain, so what dns domain would the second dns server be
> authoritative for? If it isn't authoritative for any domain, why run it on
> the DC?
>
> Row
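
Added example, not part of the original thread and not from the Samba project: one way to realize the layout in the reply's diagram, assuming dnsmasq plays the "Network DNS" box. The zone name ad.example.com, the file path, all addresses and port 5353 are constructed placeholders.

```ini
# /etc/dnsmasq.d/split-dns.conf  (hypothetical path)
# dnsmasq acts as the "Network DNS" that clients query. The Samba DC
# ("AD DNS") only receives queries for the AD zone and is never used
# as the network's recursive resolver.

# Do not read upstreams from /etc/resolv.conf; use only the ones below.
no-resolv

# Listen only on the LAN address handed out to clients (assumed 192.0.2.1).
listen-address=192.0.2.1
bind-interfaces

# AD DNS: the AD zone and everything under it (including _msdcs and the
# SRV records domain members look up) goes to the Samba DC on port 53.
server=/ad.example.com/192.0.2.10

# Reverse zone hosted on the DC (assumed 192.0.2.0/24).
server=/2.0.192.in-addr.arpa/192.0.2.10

# Forwarder DNS: everything else. dnsmasq accepts ip#port, so the
# upstream (for example a DNS-over-TLS stub) may listen on a non-53 port.
server=192.0.2.53#5353
```

With this split, the Samba DC keeps its default port 53 and the custom-port requirement moves to the front resolver.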