0

I have a Samba4 server domain controller, using samba_internal as the DNS back end. After manually removing the eth0 IP address from the DNS zone, it is automatically re-added after a few minutes. This behavior breaks DNS resolution because clients should only receive the VPN IP.

Environment:

  • The server is hosted in the cloud.
  • It communicates with workstations over a point-to-point VPN.

Is there a way to prevent Samba4's internal DNS back end from adding the eth0 IP address back into the domain DNS zone?

Ideally, I want Samba to only advertise the VPN IP in its DNS records.

DNS Zone

0

1 Answer

0

This isn't done by the backend. (Though I would probably recommend using the BIND9 DLZ backend.) Even the domain controllers themselves use dynamic DNS registration like member hosts do. The Samba domain periodically runs the program listed in dns update command, normally samba_dnsupdate, which uses your smb.conf interfaces parameter to determine which interface addresses to send registration for. The backend merely processes the RFC 2136 GSS-TSIG update requests it receives.
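A sketch of the smb.conf change the answer above points to, added here as an example and not taken from the original post. The interface names eth0 (cloud NIC) and tun0 (VPN) are assumptions; substitute the names on your server.

```ini
[global]
    # Before: no "interfaces" line. Samba then asks the kernel for all
    # active broadcast-capable interfaces (except loopback), so the
    # address on eth0 is among those samba_dnsupdate registers.

    # After: list only the interfaces whose addresses should be used.
    # tun0 is an assumed name for the VPN interface.
    interfaces = lo tun0

    # Optional, separate from DNS registration: also make the Samba
    # services listen only on the interfaces listed above.
    bind interfaces only = yes
```

After restarting Samba, delete the stale eth0 A record once more and run `samba_dnsupdate --verbose` to see which addresses it now tries to register.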
