[Freeipa-users] Are multiple dns databases possible in freeipa?

Petr Spacek pspacek at redhat.com
Wed Feb 12 08:53:27 UTC 2014


On 11.2.2014 20:47, Rob Crittenden wrote:
> me at tdiehl.org wrote:
>> Hi,
>>
>> I am in the process of evaluating ipa on CentOS 6.5. So far I really like what
>> I see but the one problem I cannot find a viable solution for is how can I do
>> internal and external views with dns stored in ipa? Google seems to indicate
>> that it is not possible but I thought I would ask here to be sure.
>>
>> My dns infrastructure serves different ip addresses depending on if the
>> request originates from the internal network or from the Internet.
>>
>> In addition, internal hosts are able to do recursive lookups but for external
>> hosts recursion is not allowed.
>>
>> I am thinking that if I can add a second dns database to ipa, I could then
>> configure named.conf to operate using views.
>>
>> Is this possible/recommended? Is there a better solution that would not be
>> a maintenance nightmare?
>>
>> Regards,
>>
>
> Bind views are not currently supported, see this thread
> http://www.redhat.com/archives/freeipa-users/2013-October/msg00005.html
>
> There is an upstream ticket on this as well,
> https://fedorahosted.org/freeipa/ticket/2802

Hello Tom,

We can provide you with a configuration file for BIND 9 which allows you to load
data for the external view from a file and use LDAP (with FreeIPA CLI and WebUI)
for the internal view (or vice versa). Let me know if you are interested in this
configuration.


Could you describe your use case in detail? What are you trying to achieve,
why, etc.? We need to know use cases so we can design a proper solution.

Would "sites" be enough for you? See
https://fedorahosted.org/freeipa/ticket/2008

Thank you for your time!

-- 
Petr^2 Spacek
