<div dir="ltr">Hello,<div><br></div><div>I've recently implemented freeIPA in a mixed environment of Mac OS 10.12 and Windows 10 with limited issues!</div><div><br></div><div>One issue is that updating the reverse zone via nsupdate works without issue, updating to the forward zone results in a REFUSED status. Below is my zone config, named.conf, and an example of client-side behavior.  I'm new to nearly all systems involved- misconfiguration is likely. Thanks!</div><div><br></div><div><br></div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;font-weight:700;vertical-align:baseline;white-space:pre-wrap">From freeIPA server:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">#  ipa dnszone-show <a href="http://int.dplcl.com">int.dplcl.com</a> --all</span></p></span></div></div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><br></p></span></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  dn: idnsname=<a href="http://int.dplcl.com">int.dplcl.com</a>.,cn=dns,dc=int,dc=dplcl,dc=com</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  Zone name: <a href="http://int.dplcl.com">int.dplcl.com</a>.</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  Active zone: TRUE</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  Authoritative nameserver: <a href="http://ipa-1.int.dplcl.com">ipa-1.int.dplcl.com</a>.</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  Administrator e-mail address: <a href="http://hostmaster.int.dplcl.com">hostmaster.int.dplcl.com</a>.</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  SOA serial: 1494344164</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  SOA refresh: 3600</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  SOA retry: 900</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  SOA expire: 1209600</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  SOA minimum: 3600</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  BIND update policy: grant <a href="http://INT.DPLCL.COM">INT.DPLCL.COM</a> krb5-self * A; grant <a href="http://INT.DPLCL.COM">INT.DPLCL.COM</a> krb5-self * AAAA; grant <a href="http://INT.DPLCL.COM">INT.DPLCL.COM</a> krb5-self *</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">                      SSHFP;</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  Dynamic update: TRUE</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  Allow query: any;</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  Allow transfer: none;</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  Allow PTR sync: TRUE</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  Allow in-line DNSSEC signing: FALSE</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  nsrecord: <a href="http://ipa-1.int.dplcl.com">ipa-1.int.dplcl.com</a>.</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">  objectclass: idnszone, top, idnsrecord, ipadnszone</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;font-weight:700;vertical-align:baseline;white-space:pre-wrap">/etc/named.conf from IPA server:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">options {</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        // turns on IPv6 for port 53, IPv4 is on by default for all ifaces</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        listen-on-v6 {any;};</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        // Put files that named is allowed to write in the data/ directory:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        directory "/var/named"; // the default</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        dump-file               "data/cache_dump.db";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        statistics-file         "data/named_stats.txt";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        memstatistics-file      "data/named_mem_stats.txt";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        // Any host is permitted to issue recursive queries</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        allow-recursion { any; };</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        tkey-gssapi-keytab "/etc/named.keytab";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        pid-file "/run/named/named.pid";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        dnssec-enable no;</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        dnssec-validation no;</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        /* Path to ISC DLV key */</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        bindkeys-file "/etc/named.iscdlv.key";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        managed-keys-directory "/var/named/dynamic";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">};</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">/* If you want to enable debugging, eg. using the 'rndc trace' command,</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> * By default, SELinux policy does not allow named to modify the /var/named directory,</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> * so put the default debug log file in data/ :</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> */</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">logging {</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        channel default_debug {</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">                file "data/named.run";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">                severity dynamic;</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">                print-time yes;</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        };</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">};</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">zone "." IN {</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        type hint;</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        file "<a href="http://named.ca">named.ca</a>";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">};</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">include "/etc/named.rfc1912.zones";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">include "/etc/named.root.key";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">dynamic-db "ipa" {</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        library "ldap.so";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        arg "uri ldapi://%2fvar%2frun%2fslapd-INT-DPLCL-COM.socket";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        arg "base cn=dns, dc=int,dc=dplcl,dc=com";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        arg "server_id <a href="http://ipa-1.int.dplcl.com">ipa-1.int.dplcl.com</a>";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        arg "auth_method sasl";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        arg "sasl_mech GSSAPI";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        arg "sasl_user DNS/<a href="http://ipa-1.int.dplcl.com">ipa-1.int.dplcl.com</a>";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">        arg "serial_autoincrement yes";</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">};</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;font-weight:700;vertical-align:baseline;white-space:pre-wrap">From client macbook:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">testbook3:etc jsherrill$ nsupdate</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">> debug</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">> update add <a href="http://testbook3.int.dplcl.com">testbook3.int.dplcl.com</a> 86400 a 10.0.1.36</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">> </span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Reply from SOA query:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:   3049</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; QUESTION SECTION:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;<a href="http://testbook3.int.dplcl.com">testbook3.int.dplcl.com</a>.</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">       </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">IN</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">      </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">SOA</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; AUTHORITY SECTION:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><a href="http://int.dplcl.com">int.dplcl.com</a>.</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">       </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">       </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">0</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">       </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">IN</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">      </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">SOA</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">     </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><a href="http://ipa-1.int.dplcl.com">ipa-1.int.dplcl.com</a>. <a href="http://hostmaster.int.dplcl.com">hostmaster.int.dplcl.com</a>. 1494425173 3600 900 1209600 3600</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Found zone name: <a href="http://int.dplcl.com">int.dplcl.com</a></span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">The master is: <a href="http://ipa-1.int.dplcl.com">ipa-1.int.dplcl.com</a></span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Sending update to 10.0.1.5#53</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Outgoing update query:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  33167</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; UPDATE SECTION:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><a href="http://testbook3.int.dplcl.com">testbook3.int.dplcl.com</a>. 86400</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">   </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">IN</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">      </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">A</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">       </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">10.0.1.36</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><br></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Reply from update query:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; ->>HEADER<<- opcode: UPDATE, status: REFUSED, id:  33167</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;; ZONE SECTION:</span></p></span></div></div><div><div><span id="gmail-docs-internal-guid-4576865a-f32e-524c-1d9b-62cda073d63c"><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">;<a href="http://int.dplcl.com">int.dplcl.com</a>.</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">       </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">       </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">IN</span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span class="gmail-Apple-tab-span" style="white-space:pre">      </span></span><span style="font-size:11pt;font-family:arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">SOA</span></span></div></div><div>-- </div></blockquote><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div style="font-size:12.8px"><br></div><div style="font-size:12.8px"><b>Jason Sherrill</b></div><div style="font-size:12.8px"><a href="http://deeplocal.com/" style="color:rgb(17,85,204)" target="_blank">Deeplocal Inc.</a><br></div><div style="font-size:12.8px">mobile: <a href="tel:(412)%20636-2073" value="+14129773742" style="color:rgb(17,85,204)" target="_blank">412-636-2073</a></div><div style="font-size:12.8px"><span style="font-size:12.8px">office: </span><a href="tel:(412)%20362-0201" value="+14123620201" style="color:rgb(17,85,204)" target="_blank">412-362-0201</a></div></div></div></div></div>
</div></div>