Web lists-archives.com

Re: [Samba] IP aliases of DCs to prevent DNS timeouts

On Wed, 2 May 2018, Denis Cardon via samba wrote:

may I inquire why you are have setup such a scenario? If all DC are on same site, it is not necessary to have such a hassle. If DC02 and DC03 are on different remote site with intermitent electricity/connectivity, you can juste setup "sites and services" in corresponding console, and workstations will only communicate with their site's DC.

Yes, all DCs are on the same site but some of them aren't always on: I have 4 non-symmetrical infrastructure hosts, each running redundant services and samba 4.7.6 in a VM. It is quite rare that all 4 hypervisors are up at the same time (to save on noise and electricity) and I was hoping to provide VIP redundancy to the DNS A records so that any client querying the 'wrong' DC wouldn't hit a timeout.

For normal (non-AD) DNS services, each host also runs named and I have two VIPs servicing DNS queries for clients. The VIPs get relocated to whatever hypervisor is up (so that clients do not hit timeouts) and I was hoping to do something similar for AD DC's.

I have actually given up on this as I've discovered that AD would auto-discover the VIPS local to a host and modify the AD DNS entries for that host : a few days ago I found dc00 with 3 IP's in DNS manager: its own and those of dc02 and dc03.

One issue may arise if you use the A DNS field corresponding to your domain name. There seems to be some kind of indetermination in certain cases.

The DNS round-robin lookup, you mean? I admit that I am still very new at this samba AD/DC DNS stuff.

PS: Any idea when tranquil.it will be updating the samba 4.7.x to 4.7.7?



To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba