[Freeipa-users] DNS resource records problem. subdomains and /16's.
Andrew Holway
andrew.holway at gmail.com
Mon Oct 28 15:53:26 UTC 2013
[root at freeipa ~]# ipa dnszone-find
Zone name: 51.10.in-addr.arpa.
Authoritative nameserver: freeipa.test.nsslabs.com.
Administrator e-mail address: hostmaster.test.nsslabs.com.
SOA serial: 1382863622
SOA refresh: 3600
SOA retry: 900
SOA expire: 1209600
SOA minimum: 3600
Active zone: TRUE
Allow query: any;
Allow transfer: none;
Zone name: test.nsslabs.com
Authoritative nameserver: freeipa.test.nsslabs.com.
Administrator e-mail address: hostmaster.test.nsslabs.com.
SOA serial: 1382950803
SOA refresh: 3600
SOA retry: 900
SOA expire: 1209600
SOA minimum: 3600
Active zone: TRUE
Allow query: any;
Allow transfer: none;
----------------------------
Number of entries returned 2
----------------------------
On 28 October 2013 15:43, Andrew Holway <andrew.holway at gmail.com> wrote:
> Sorry, I didn't mean to sent the last mail. However the FreeIPA has
> correctly set reverse and forward DNS. I have trimmed it up a bit for
> clarity.
>
> Forward DNS for this host is working but reverse DNS is not:
>
> [root at freeipa ~]# dig node002.test.nsslabs.com @localhost
>
> ;; QUESTION SECTION:
> ;node002.test.nsslabs.com. IN A
> ;; ANSWER SECTION:
> node002.test.nsslabs.com. 1200 IN A 10.51.102.2
> ;; AUTHORITY SECTION:
> test.nsslabs.com. 86400 IN NS freeipa.test.nsslabs.com.
> ;; ADDITIONAL SECTION:
> freeipa.test.nsslabs.com. 1200 IN A 10.51.101.23
>
> [root at freeipa ~]# dig 10.51.102.2 @localhost
>
> ;; QUESTION SECTION:
> ;10.51.102.2. IN A
> ;; AUTHORITY SECTION:
> . 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2013102800
> 1800 900 604800 86400
>
> The FreeIPA server has correctly set reverse and forward DNS.
>
> [root at freeipa ~]# dig freeipa.test.nsslabs.com @localhost
> ;; QUESTION SECTION:
> ;freeipa.test.nsslabs.com. IN A
> ;; ANSWER SECTION:
> freeipa.test.nsslabs.com. 1200 IN A 10.51.101.23
> ;; AUTHORITY SECTION:
> test.nsslabs.com. 86400 IN NS freeipa.test.nsslabs.com.
>
> [root at freeipa ~]# dig -x 10.51.101.23 @localhost
> ;; QUESTION SECTION:
> ;23.101.51.10.in-addr.arpa. IN PTR
> ;; ANSWER SECTION:
> 23.101.51.10.in-addr.arpa. 86400 IN PTR freeipa.test.nsslabs.com.
> ;; AUTHORITY SECTION:
> 51.10.in-addr.arpa. 86400 IN NS freeipa.test.nsslabs.com.
> ;; ADDITIONAL SECTION:
> freeipa.test.nsslabs.com. 1200 IN A 10.51.101.23
>
>
> This host has no reverse or forward DNS set up. But it IS enrolled in freeIPA.
>
> [root at freeipa ~]# dig node001.swim1.test.nsslabs.com @localhost
>
> ;; QUESTION SECTION:
> ;node001.swim1.test.nsslabs.com. IN A
> ;; AUTHORITY SECTION:
> test.nsslabs.com. 3600 IN SOA freeipa.test.nsslabs.com.
> hostmaster.test.nsslabs.com. 1382950803 3600 900 1209600 3600
>
>
> [root at freeipa ~]# dig -x 10.51.102.2 @localhost
>
> ;; QUESTION SECTION:
> ;2.102.51.10.in-addr.arpa. IN PTR
> ;; AUTHORITY SECTION:
> 51.10.in-addr.arpa. 3600 IN SOA freeipa.test.nsslabs.com.
> hostmaster.test.nsslabs.com. 1382863622 3600 900 1209600 3600
More information about the Freeipa-users
mailing list