[Freeipa-users] Correct syntax for round-robin DNS srv records

Mark Heslin mheslin at redhat.com
Tue Jul 22 12:06:42 UTC 2014


On 07/22/2014 08:00 AM, Mark Heslin wrote:
> Martin, Petr,
>
> I didn't see that missing dot "." - good catch. As always the devil is in the details :-)
>
> Two follow up questions:
>
>  1. I've set the priority and weighting equally here but I will add a third host
>       so would it make sense to just set both priority and weight to "0" for all three hosts?:
>
>        # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53 foo1.example.com."
>        # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53 foo2.example.com."
>        # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53 foo3.example.com."
>
>  2. To Petr's point about registering the "_foo.tcp" service. By definition this isn't really
>       a true "service" and more like "CNAME with benefits". (Sorry, couldn't resist the bad dating reference ;-))
>       Do I actually still need to add this to /etc/services? If so, then I'd have to do that for
>       all hosts in the environment, IdM servers, clients, etc., correct?
>
>       Truth be told, this is just being used for an alternative to a true h/w, s/w load balancer
>       for demonstration purposes so I'm sure adding it to the services file makes sense.

Gah! I meant to say I'm *not* sure adding it to the services file makes 
sense.


>
> Thank you both!
>
> -m
>
>
>
>
> On 07/22/2014 03:16 AM, Petr Spacek wrote:
>> On 22.7.2014 00:13, Mark Heslin wrote:
>>> Hi All,
>>>
>>> I had some off-list exchanges with Petr Spacek on this but am still trying to
>>> work out the correct syntax.
>>> I have 2 hosts:
>>>
>>>     - foo1.example.com
>>>     - foo2.example.com
>>>
>>> and would like to create a round-robin DNS srv record for both called
>>> foo.example.com
>>>
>>> I already have DNS entries for both hosts in IPA:
>>>
>>>    # ipa dnsrecord-show example.com foo1
>>>      Record name: foo1
>>>      A record: 10.0.0.1
>>>    # ipa dnsrecord-show example.com foo2
>>>      Record name: foo2
>>>      A record: 10.0.0.2
>>>
>>> I'd like to get the correct syntax for adding the srv record for foo.
>>> My understanding is that it should be something like this:
>>>
>>>    # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53 foo1.example.com"
>>>    Record name: _foo.tcp
>>>    SRV record: 0 50 53 foo1.example.com
>>>    # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53 foo2.example.com"
>>>    Record name: _foo.tcp
>>>    SRV record: 0 50 53 foo2.example.com
>>>
>>> which seemed to be added ok but on second glance I think not:
>>>
>>>    # host -t srv _foo.tcp.example.com
>>>    _foo.tcp..example.com has SRV record 0 50 53 foo1.example.com.example.com.
>>>    _foo.tcp..example.com has SRV record 0 50 53 foo2.example.com.example.com.
>>>
>>> In looking over the description of rfc2782
>>> <http://en.wikipedia.org/wiki/SRV_record> it appears the IPA syntax is a
>>> little different,
>>
>> I don't think so :-)
>>
>> Please note the trailing dot in "target" part of 
>> http://en.wikipedia.org/wiki/SRV_record#Record_format.
>>
>> IPA behaves in the same way as BIND 9: All domain names without 
>> trailing dot are automatically extended with zone origin, i.e. 
>> "example.com.".
>>
>> You have two options:
>> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53 foo1" 
>> (DNS server will automatically append "example.com.")
>>
>> or
>>
>> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53 foo1.example.com."
>> (please note the trailing dot)
>>
>>
>>
>> Another note is about "_foo". "foo" should be "service name" according to
>> http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
>>
>> It will probably not cause any problems if you invent your own name 
>> (preferably prefixed with x- to avoid collisions in future, e.g. 
>> "_x-foo"), but it will not hurt you if you register your protocol 
>> into the registry :-)
>> See http://tools.ietf.org/html/rfc6335
>>
>>> and the documentation is scarce so admittedly I'm taking a swag at this ;-)
>>>
>>> I can do this fine without srv but don't have enough familiarity with DNS srv
>>> here.
>>> Can anyone help clarify what I'm missing? I'd like to have equal weighting,
>>> priority
>>> to both hosts - I'm assuming the port (53) is correct for DNS here as well.
>> What are you trying to achieve? The port number refers to port used 
>> by your application, not to DNS.
>>
>
>


-- 

Red Hat Reference Architectures

Follow Us: https://twitter.com/RedHatRefArch
Plus Us: https://plus.google.com/u/0/b/114152126783830728030/
Like Us: https://www.facebook.com/rhrefarch
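
The zone-origin rule described in the quoted reply above, as an added example that is not part of the original message and is not FreeIPA or BIND code: it qualifies an SRV target the way the reply says the server does and flags a stored target that ends with the zone origin twice, as in the `host -t srv` output. The function names and the `SAMPLE` list are assumptions made for illustration.

```python
# Added example, not FreeIPA or BIND code. Function names are hypothetical.

def _absolute_origin(origin: str) -> str:
    return origin if origin.endswith(".") else origin + "."


def qualify(name: str, origin: str) -> str:
    """Absolute form of a name under the zone-origin rule from the thread."""
    if name.endswith("."):                       # trailing dot: already absolute
        return name
    return f"{name}.{_absolute_origin(origin)}"  # relative: origin is appended


def parse_srv(rdata: str, origin: str) -> dict:
    """Parse 'priority weight port target' and qualify the target."""
    fields = rdata.split()
    if len(fields) != 4:
        raise ValueError(f"expected 4 SRV fields, got {len(fields)}: {rdata!r}")
    numbers = [int(f) for f in fields[:3]]
    if any(not 0 <= n <= 65535 for n in numbers):
        raise ValueError(f"SRV numeric field outside 0..65535: {rdata!r}")
    priority, weight, port = numbers
    return {"priority": priority, "weight": weight, "port": port,
            "target": qualify(fields[3], origin)}


def doubled_origin(target: str, origin: str) -> bool:
    """True when a stored target ends with the zone origin twice."""
    o = _absolute_origin(origin).lower()
    return target.lower().endswith("." + o + o)


def audit(records: list[str], origin: str) -> list[tuple[str, bool]]:
    """Return (stored target, looks-misqualified) for each SRV rdata string."""
    out = []
    for rdata in records:
        target = parse_srv(rdata, origin)["target"]
        out.append((target, doubled_origin(target, origin)))
    return out


# Constructed input: the three --srv-rec forms discussed in the thread.
SAMPLE = ["0 50 53 foo1.example.com", "0 50 53 foo1", "0 50 53 foo1.example.com."]

if __name__ == "__main__":
    for target, bad in audit(SAMPLE, "example.com"):
        print(f"{target:35} {'DOUBLED ORIGIN' if bad else 'ok'}")
```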



