Web lists-archives.com

Re: [Samba] samba_dns_question




On Tue, 22 Jan 2019 14:27:12 +0100
"L.P.H. van Belle via samba" <samba@xxxxxxxxxxxxxxx> wrote:

> Hai, 
> 
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens 
> > Rowland Penny via samba
> > Verzonden: dinsdag 22 januari 2019 14:12
> > Aan: samba@xxxxxxxxxxxxxxx
> > Onderwerp: Re: [Samba] samba_dns_question
> > 
> > On Tue, 22 Jan 2019 13:54:00 +0100
> > "L.P.H. van Belle via samba" <samba@xxxxxxxxxxxxxxx> wrote:
> > 
> > > I really suggest that you change this. 
> > > 
> > > Disable : 
> > > > include "/etc/bind/named.conf.default-zones";
> > 
> > I have this and have never had the OP's problem
> > 
> > > And this supports it : 
> > > >      empty-zones-enable no; 
> > 
> > Again, I have this.
> 
> Then you are using a zone that is not in the default zone.
> The problem occurs only when you bind-DLZ is trying to load a zone
> defined in the default. Same for the empty-zones-enable 
> 
> > 
> > > 
> > > These to my cause your problem. 
> > > Might load zones that bind9_DLZ is trying to load also. 
> > > 
> > > Set to yes:
> > > >      auth-nxdomain no;    # conform to RFC1035
> > > The AD is the AUTHORITIVE Server.  
> > > For that  you need : auth-nxdomain yes;
> > 
> > Sorry, but no you don't, well I don't
> > 

I seemed to remember there was a reason why I didn't have
'auth-nxdomain = yes;' set, so I have been searching my records and
found it!

All that setting 'auth-nxdomain = yes' does, it sets the nameserver to
be authoritative for non existing domains, it has nothing to do with
being authoritative for a dns domain.
It used to default to 'yes' for compatibility with Bind8, it now
defaults to no.

Rowland
   

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba