Bug 57168 – 5.2-0 Alpha nameserver with Samba/AD backend doesn't resolve/forward DNS queries to external

Bug 57168 - 5.2-0 Alpha nameserver with Samba/AD backend doesn't resolve/forward DNS queries to external


Summary:	5.2-0 Alpha nameserver with Samba/AD backend doesn't resolve/forward DNS quer...

Status:	RESOLVED WORKSFORME

Product:	UCS
Classification:	Unclassified
Component:	DNS
Version:	UCS 5.2
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 5.2
Assigned To:	UCS maintainers
QA Contact:	UCS maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2024-03-21 12:33 CET by Arvid Requate
Modified:	2024-04-08 11:23 CEST (History)
CC List:	0 users

See Also:
What kind of report is it?:	Development Internal
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Arvid Requate

2024-03-21 12:33:49 CET

5.2-0 Alpha name server with Samba/AD backend doesn't resolve/forward DNS queries to external name servers, despite dns/forwarder1 and dns/forwarder2 being set and working.

root@primary80:~# host updates-test.software-univention.de 
Host updates-test.software-univention.de not found: 2(SERVFAIL)

root@primary80:~# univention-app info
UCS: 5.2-0 errata897
Installed: samba4=4.18 self-service=7.0 self-service-backend=7.0 5.0/keycloak=23.0.7-ucs2
Upgradable:
root@primary80:~# ucr search --brief dns/backend
dns/backend: samba4
root@primary80:~# pgrep -a named
1487225 /usr/sbin/named -c /etc/bind/named.conf.samba4 -f -d 0

but it works on the backup w/o Samba:

root@backup81:~# host updates-test.software-univention.de
updates-test.software-univention.de has address 176.9.110.24
updates-test.software-univention.de has IPv6 address 2a01:4f8:151:6019::2
root@backup81:~# univention-app info
UCS: 5.2-0 errata897
Installed: 
Upgradable:
root@backup81:~# ucr search --brief dns/backend
dns/backend: ldap
root@backup81:~# pgrep -a named
189790 /usr/sbin/named -c /etc/bind/named.conf -p 7777 -u bind -f -d 0
189807 /usr/sbin/named -c /etc/bind/named.conf.proxy -u bind -f -d 0

Comment 1 Arvid Requate

2024-04-08 11:23:22 CEST

Looks like the issue is somehow caused by an outdated system time
and fixed by updating it:

root@primary80:~# host install.python-poetry.org
Host install.python-poetry.org not found: 2(SERVFAIL)

root@primary80:~# date
Do 14. Mär 12:49:58 CET 2024

root@primary80:~# rdate -n 10.200.8.1
Mon Apr  8 11:20:27 CEST 2024
root@primary80:~# date
Mo 8. Apr 11:20:29 CEST 2024

root@primary80:~# host install.python-poetry.org
install.python-poetry.org is an alias for cname.vercel-dns.com.
cname.vercel-dns.com has address 76.76.21.98
cname.vercel-dns.com has address 76.76.21.61