[Freeipa-devel] [PATCH] 087 Allow recursion by default
Rob Crittenden
rcritten at redhat.com
Tue Jun 28 18:15:27 UTC 2011
Martin Kosek wrote:
> I suggest adding the following doc to the end of chapter "5.6.
> DNS" (after the paragraphs about forwarders):
>
> Any host is permitted to issue recursive queries against configured
> forwarders by default. When required, this behavior can be changed
> in /etc/named.conf in "allow-recursion" statement. Please consult name
> server documentation for details how to edit the configuration
> statement.
>
> ----
> How to test:
> 1) install IPA with --setup-dns and defined --forwarder
> 2) query record not-managed by installed IPA (e.g. www.freeipa.org) from
> localhost - should pass both with and without the patch
> 3) query record not-managed by installed IPA from other computer from
> different subnet - fails without the patch and should pass with the
> patch
>
> ----
> Update name server configuration file to allow any host to issue
> recursive queries (allow-recursion statement).
>
> https://fedorahosted.org/freeipa/ticket/1335
>
ack, pushed to master and ipa-2-0
Deon, this won't affect existing installations so this would be a
candidate for Release Notes. Users will need to manually update
named.conf if they want this feature.
rob
More information about the Freeipa-devel
mailing list