[Freeipa-devel] [PATCH] [WIP] DNSSEC check for DNS forwarders
Petr Spacek
pspacek at redhat.com
Thu Oct 9 08:42:59 UTC 2014
Hello,
bad things will happen (i.e. external DNS resolution will not work) if
configured DNS forwarders are not standard compliant, i.e. EDNS or DNSSEC
support is not enabled.
For this reason I'm proposing to add explicit check to IPA installer and
possibly even to dnsconfig-mod/dnszone-mod commands so forwarders can be
tested before putting them in effect.
This check should detect failures soon and prevent surprises where IPA
installs itself but DNS resolution doesn't work for some domains etc.
Please voice your concerns ASAP.
--
Petr^2 Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dnssec_test.py
Type: text/x-python
Size: 1342 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20141009/e0fc450d/attachment.py>
More information about the Freeipa-devel
mailing list