[Freeipa-users] Setting up replication, documentation unclear regarding DNS entries

Dmitri Pal dpal at redhat.com
Mon Apr 9 18:46:49 UTC 2012


On 04/09/2012 02:41 PM, KodaK wrote:
> On Mon, Apr 9, 2012 at 1:34 PM, Dmitri Pal <dpal at redhat.com> wrote:
>> On 04/09/2012 02:07 PM, KodaK wrote:
>>> I have two IPA servers.  The primary/master is SLPIDML01 and the
>>> replica is SLPIDML01.  I have followed the instructions for creating a
>>> replica and the install on SLPIDML02 completed successfully.  However,
>>> the instructions tell me to add some entries to the DNS zone file, and
>>> I'm stumped.
>>>
>>> The FreeIPA documentation has this to say about setting up DNS for replicas:
>>>
>>> Updating DNS for IPA Replicas
>>>
>>> After you have configured a new IPA replica, you should update your
>>> DNS entries so that IPA clients can discover the new server. For
>>> example, for an IPA replica with a server name of $HOST, you should
>>> add the following entries to your zone file:
>>>
>>> _ldap._tcp             IN SRV 0 100 389       $HOST
>>> _kerberos._tcp         IN SRV 0 100 88 $HOST
>>> _kerberos._udp         IN SRV 0 100 88 $HOST
>>> _kerberos-master._tcp  IN SRV 0 100 88 $HOST
>>> _kerberos-master._udp  IN SRV 0 100 88 $HOST
>>> _kpasswd._tcp          IN SRV 0 100 464 $HOST
>>> _kpasswd._udp          IN SRV 0 100 464 $HOST
>>> _ntp._udp              IN SRV 0 100 123 $HOST
>>>
>>> I know very little about configuring DNS.  Where exactly should this
>>> go?  It says to add it to your zone file, all I see is a
>>> named.rfc1912.zones file, and it appears to be rather structured.  Do
>>> I just dump these at the end?  That doesn't seem to make any sense.  I
>>> see a reference to /var/named/example.com.zone.db, but I don't have
>>> one for my domain, and I still don't know what the format of the file
>>> should be.  Do I need to make entries for both hosts (and any others I
>>> add in the future?)
>>>
>> What DNS server do you use?
>> Did you consider using the DNS server that comes with IPA?
>>
> I am using the DNS server that comes with IPA.
Then the replicas are added automatically to the DNS servers managed by
IPA. I think the documentation refers to the case when you are not using
the DNS server provided by IPA. Then you need to add the mentioned entries.
If this is not clear please open a ticket and provide a pointer to the
section that caused the confusion.

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.
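
An added example, not part of the original thread or of the FreeIPA documentation: for the case described above where DNS is not managed by IPA, this Python check reads zone-file text and reports which of the eight SRV records quoted in the thread are missing for a given server. The `example.com` origin, the sample zone and all function names are constructed for illustration; it assumes a zone without `$ORIGIN` or `$INCLUDE` directives.

```python
# Added example: SRV owner names and ports are the ones quoted in the thread.
REQUIRED_SRV = {
    "_ldap._tcp": 389, "_kerberos._tcp": 88, "_kerberos._udp": 88,
    "_kerberos-master._tcp": 88, "_kerberos-master._udp": 88,
    "_kpasswd._tcp": 464, "_kpasswd._udp": 464, "_ntp._udp": 123,
}

def qualify(name, origin):
    """Zone-file rule: a name without a trailing dot is relative to the origin."""
    name = name.lower()
    return name.rstrip(".") if name.endswith(".") else f"{name}.{origin.lower().rstrip('.')}"

def parse_srv(zone_text, origin):
    """Return {(owner_fqdn, port, target_fqdn)} for every SRV record in the text."""
    found, owner = set(), None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]            # strip zone-file comments
        fields = line.split()
        if not fields:
            continue
        if not line[0].isspace():              # indented line reuses the previous owner
            owner = fields[0]
        if "SRV" not in fields or owner is None:
            continue
        rdata = fields[fields.index("SRV") + 1:]   # priority weight port target
        if len(rdata) != 4 or not rdata[2].isdigit():
            continue
        found.add((qualify(owner, origin), int(rdata[2]), qualify(rdata[3], origin)))
    return found

def missing_srv(zone_text, origin, host_fqdn):
    """List the required SRV owner names that do not point at host_fqdn."""
    present = parse_srv(zone_text, origin)
    host = host_fqdn.lower().rstrip(".")
    return sorted(name for name, port in REQUIRED_SRV.items()
                  if (qualify(name, origin), port, host) not in present)

SAMPLE_ZONE = """\
; constructed sample zone fragment, not taken from the thread
_ldap._tcp             IN SRV 0 100 389 slpidml01
                       IN SRV 0 100 389 slpidml02
_kerberos._tcp         IN SRV 0 100 88  slpidml01
_kerberos._tcp         IN SRV 0 100 88  slpidml02.example.com.
_kerberos._udp  86400  IN SRV 0 100 88  slpidml02
_kpasswd._tcp          IN SRV 0 100 464 slpidml02
_ntp._udp              IN SRV 0 100 123 slpidml01
"""

if __name__ == "__main__":
    print(missing_srv(SAMPLE_ZONE, "example.com", "slpidml02.example.com"))
```
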

