[Freeipa-devel] local DNS zone setup, please review

Simo Sorce ssorce at redhat.com
Thu Nov 8 14:39:47 UTC 2007


On Wed, 2007-11-07 at 10:55 -0500, John Dennis wrote:
> Simo Sorce wrote:
> > John have you seen the zone file that is generated by the setup
> > script ? Or have you tried with --setup-bind ?
> 
> Thanks, yes. FWIW it seems to me --setup-bind seems to be missing a few 
> critical features, but perhaps I've missed something along the way.
> 
> * setup-bind does not create a reverse zone, there are various 
> operations in kerberos and probably other things as well which will fail 
> in cryptic ways if the reverse mapping does not work.

This seems easy and I will add it maybe, the problem being that you
shadow any existing one this way and also that you must make sure the
server is installed in the final subnet, not pretty.

> * it would be really nice if setup-bind could take into account other 
> dns servers which might need to be queried, e.g. the corporate LAN 
> (intranet) case.

This is not easy, how do you know where to find forwarders? Not sure
trying to use the configured DNSs is a good idea (esp if you install on
a test network and then you move the server).
And I don't want to ask questions for now, we don't support bind atm,
admin has to check it anyway.

Simo.



