[Freeipa-users] Freeipa-users Digest, Vol 72, Issue 66
Shashi M
svm2k20 at gmail.com
Wed Jul 23 08:43:17 UTC 2014
On 22.7.2014 15:33, Shashi M wrote:
>> I am looking for some help on DNS configuration migraion from AD to
FreeIPA.
>>
>> I am planning implement AD trust in my current freeIPA setup which is
>> currently having AD-IPA one way sync.
>>
>> New setup, I would also like to mange the DNS throug IPA. Currently unix
>> DNS is hosted on Windows AD servers. I will have to import all the
existing
>> DNS records in freeIPA.
>>
>> Is it possible to configure freeIPA DNS service as secondary (slave) to
>> existing AD DNS servers?
>>
>> my planned approach to migrate dns is as below
>>
>> - Setup new IPA servers with DNS for unix.example.com domain....
>> - Allow zone transfer from AD to freeIPA to populate freeIPA DNS servers
>> - Promote freeIPA as primary DNS server and make AD as secondary DNS
> FreeIPA cannot be slave of another DNS server (yet :-). You have the
option to
> use normal zone transfer, convert data from zone file to LDIF and import
the
> LDIF directly to LDAP.
> See https://fedorahosted.org/bind-dyndb-ldap/wiki/Migration and let us
know if
> you need any assistance.
> After that you will see all the data in FreeIPA user interface and all
FreeIPA
> servers will serve the same copy of the data.
>> Is this achivable with freeIPA currently? If not is it possible to have
>> bind 9 installed on freeIPA server and still DNS be managed by freeIPA?
> FreeIPA uses BIND 9 for it's DNS but all data managed by FreeIPA have to
be in
> LDAP, not in master files. Anyway, the conversion procedure linked above
is
> pretty straightforward.
> Have a nice day!
> --
> Petr^2 Spacek
Thanks you Petr for promt response! I will try this in test domain and
share the oupt in this thread.
Regards,
Shashikant
On Tue, Jul 22, 2014 at 4:54 PM, <freeipa-users-request at redhat.com> wrote:
> Send Freeipa-users mailing list submissions to
> freeipa-users at redhat.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://www.redhat.com/mailman/listinfo/freeipa-users
> or, via email, send a message with subject or body 'help' to
> freeipa-users-request at redhat.com
>
> You can reach the person managing the list at
> freeipa-users-owner at redhat.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freeipa-users digest..."
>
>
> Today's Topics:
>
> 1. Re: Correct syntax for round-robin DNS srv records (Mark Heslin)
> 2. Re: Correct syntax for round-robin DNS srv records (Mark Heslin)
> 3. DNS migration from AD to freeIPA managed DNS (Shashi M)
> 4. Re: DNS migration from AD to freeIPA managed DNS (Petr Spacek)
> 5. Mass update IP addresses (KodaK)
> 6. Re: Correct syntax for round-robin DNS srv records (Petr Spacek)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 22 Jul 2014 08:00:50 -0400
> From: Mark Heslin <mheslin at redhat.com>
> To: Petr Spacek <pspacek at redhat.com>, Martin Basti <mbasti at redhat.com>
> Cc: freeipa-users at redhat.com
> Subject: Re: [Freeipa-users] Correct syntax for round-robin DNS srv
> records
> Message-ID: <53CE5272.5040807 at redhat.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Martin, Petr,
>
> I didn't see that missing dot "." - good catch. As always the devil is
> in the details :-)
>
> Two follow up questions:
>
> 1. I've set the priority and weighting equally here but I will add a
> third host
> so would it make sense to just set both priority and weight to
> "0" for all three hosts?:
>
> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
> foo1.example.com."
> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
> foo2.example.com."
> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
> foo3.example.com."
>
> 2. To Petr's point about registering the "_foo.tcp" service. By
> definition this isn't really
> a true "service" and more like "CNAME with benefits". (Sorry,
> couldn't resist the bad dating reference ;-))
> Do I actually still need to add this to /etc/services? If so,
> then I'd have to do that for
> all hosts in the environment, IdM servers, clients, etc., correct?
>
> Truth be told, this is just being used for an alternative to a
> true h/w, s/w load balancer
> for demonstration purposes so I'm sure adding it to the services
> file makes sense.
>
> Thank you both!
>
> -m
>
>
>
>
> On 07/22/2014 03:16 AM, Petr Spacek wrote:
> > On 22.7.2014 00:13, Mark Heslin wrote:
> >> Hi All,
> >>
> >> I had some off-list exchanges with Petr Spacek on this but am still
> >> trying to
> >> work out the correct syntax.
> >> I have 2 hosts:
> >>
> >> - foo1.example.com
> >> - foo2.example.com
> >>
> >> and would like to create a round-robin DNS srv record for both called
> >> foo.example.com
> >>
> >> I already have DNS entries for both hosts in IPA:
> >>
> >> # ipa dnsrecord-show example.com foo1
> >> Record name: foo1
> >> A record: 10.0.0.1
> >> # ipa dnsrecord-show example.com foo2
> >> Record name: foo2
> >> A record: 10.0.0.2
> >>
> >> I'd like to get the correct syntax for adding the srv record for foo.
> >> My understanding is that it should be something like this:
> >>
> >> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
> >> foo1.example.com"
> >> Record name: _foo.tcp
> >> SRV record: 0 50 53 foo1.example.com
> >> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
> >> foo2.example.com"
> >> Record name: _foo.tcp
> >> SRV record: 0 50 53 foo2.example.com
> >>
> >> which seemed to be added ok but on second glance I think not:
> >>
> >> # host -t srv _foo.tcp.example.com
> >> _foo.tcp..example.com has SRV record 0 50 53
> >> foo1.example.com.example.com.
> >> _foo.tcp..example.com has SRV record 0 50 53
> >> foo2.example.com.example.com.
> >>
> >> In looking over the description of rfc2782
> >> <http://en.wikipedia.org/wiki/SRV_record> it appears the IPA syntax is
> a
> >> little different,
> >
> > I don't think so :-)
> >
> > Please note the trailing dot in "target" part of
> > http://en.wikipedia.org/wiki/SRV_record#Record_format.
> >
> > IPA behaves in the same way as BIND 9: All domain names without
> > trailing dot are automatically extended with zone origin, i.e.
> > "example.com.".
> >
> > You have two options:
> > # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53 foo1" (DNS
> > server will automatically append "example.com.")
> >
> > or
> >
> > # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
> > foo1.example.com."
> > (please note the trailing dot)
> >
> >
> >
> > Another note is about "_foo". "foo" should be "service name" according to
> >
> http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
> >
> >
> > It will probably not cause any problems if you invent your own name
> > (preferably prefixed with x- to avoid collisions in future, e.g.
> > "_x-foo"), but it will not hurt you if you register your protocol into
> > the registry :-)
> > See http://tools.ietf.org/html/rfc6335
> >
> >> and the documentation is scarce so admittedly I'm taking a swag at
> >> this ;-)
> >>
> >> I can do this fine without srv but don't have enough familiarity with
> >> DNS srv
> >> here.
> >> Can anyone help clarify what I'm missing? I'd like to have equal
> >> weighting,
> >> priority
> >> to both hosts - I'm assuming the port (53) is correct for DNS here as
> >> well.
> > What are you trying to achieve? The port number refers to port used by
> > your application, not to DNS.
> >
>
>
> --
>
> Red Hat Reference Architectures
>
> Follow Us: https://twitter.com/RedHatRefArch
> Plus Us: https://plus.google.com/u/0/b/114152126783830728030/
> Like Us: https://www.facebook.com/rhrefarch
>
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 22 Jul 2014 08:06:42 -0400
> From: Mark Heslin <mheslin at redhat.com>
> To: Petr Spacek <pspacek at redhat.com>, Martin Basti <mbasti at redhat.com>
> Cc: freeipa-users at redhat.com
> Subject: Re: [Freeipa-users] Correct syntax for round-robin DNS srv
> records
> Message-ID: <53CE53D2.8090906 at redhat.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> On 07/22/2014 08:00 AM, Mark Heslin wrote:
> > Martin, Petr,
> >
> > I didn't see that missing dot "." - good catch. As always the devil is
> > in the details :-)
> >
> > Two follow up questions:
> >
> > 1. I've set the priority and weighting equally here but I will add a
> > third host
> > so would it make sense to just set both priority and weight to
> > "0" for all three hosts?:
> >
> > # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
> > foo1.example.com."
> > # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
> > foo2.example.com."
> > # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
> > foo3.example.com."
> >
> > 2. To Petr's point about registering the "_foo.tcp" service. By
> > definition this isn't really
> > a true "service" and more like "CNAME with benefits". (Sorry,
> > couldn't resist the bad dating reference ;-))
> > Do I actually still need to add this to /etc/services? If so,
> > then I'd have to do that for
> > all hosts in the environment, IdM servers, clients, etc., correct?
> >
> > Truth be told, this is just being used for an alternative to a
> > true h/w, s/w load balancer
> > for demonstration purposes so I'm sure adding it to the services
> > file makes sense.
>
> Gah! I meant to say I'm *not* sure adding it to the services file makes
> sense.
>
>
> >
> > Thank you both!
> >
> > -m
> >
> >
> >
> >
> > On 07/22/2014 03:16 AM, Petr Spacek wrote:
> >> On 22.7.2014 00:13, Mark Heslin wrote:
> >>> Hi All,
> >>>
> >>> I had some off-list exchanges with Petr Spacek on this but am still
> >>> trying to
> >>> work out the correct syntax.
> >>> I have 2 hosts:
> >>>
> >>> - foo1.example.com
> >>> - foo2.example.com
> >>>
> >>> and would like to create a round-robin DNS srv record for both called
> >>> foo.example.com
> >>>
> >>> I already have DNS entries for both hosts in IPA:
> >>>
> >>> # ipa dnsrecord-show example.com foo1
> >>> Record name: foo1
> >>> A record: 10.0.0.1
> >>> # ipa dnsrecord-show example.com foo2
> >>> Record name: foo2
> >>> A record: 10.0.0.2
> >>>
> >>> I'd like to get the correct syntax for adding the srv record for foo.
> >>> My understanding is that it should be something like this:
> >>>
> >>> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
> >>> foo1.example.com"
> >>> Record name: _foo.tcp
> >>> SRV record: 0 50 53 foo1.example.com
> >>> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
> >>> foo2.example.com"
> >>> Record name: _foo.tcp
> >>> SRV record: 0 50 53 foo2.example.com
> >>>
> >>> which seemed to be added ok but on second glance I think not:
> >>>
> >>> # host -t srv _foo.tcp.example.com
> >>> _foo.tcp..example.com has SRV record 0 50 53
> >>> foo1.example.com.example.com.
> >>> _foo.tcp..example.com has SRV record 0 50 53
> >>> foo2.example.com.example.com.
> >>>
> >>> In looking over the description of rfc2782
> >>> <http://en.wikipedia.org/wiki/SRV_record> it appears the IPA syntax
> >>> is a
> >>> little different,
> >>
> >> I don't think so :-)
> >>
> >> Please note the trailing dot in "target" part of
> >> http://en.wikipedia.org/wiki/SRV_record#Record_format.
> >>
> >> IPA behaves in the same way as BIND 9: All domain names without
> >> trailing dot are automatically extended with zone origin, i.e.
> >> "example.com.".
> >>
> >> You have two options:
> >> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53 foo1"
> >> (DNS server will automatically append "example.com.")
> >>
> >> or
> >>
> >> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
> >> foo1.example.com."
> >> (please note the trailing dot)
> >>
> >>
> >>
> >> Another note is about "_foo". "foo" should be "service name"
> >> according to
> >>
> http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
> >>
> >>
> >> It will probably not cause any problems if you invent your own name
> >> (preferably prefixed with x- to avoid collisions in future, e.g.
> >> "_x-foo"), but it will not hurt you if you register your protocol
> >> into the registry :-)
> >> See http://tools.ietf.org/html/rfc6335
> >>
> >>> and the documentation is scarce so admittedly I'm taking a swag at
> >>> this ;-)
> >>>
> >>> I can do this fine without srv but don't have enough familiarity
> >>> with DNS srv
> >>> here.
> >>> Can anyone help clarify what I'm missing? I'd like to have equal
> >>> weighting,
> >>> priority
> >>> to both hosts - I'm assuming the port (53) is correct for DNS here
> >>> as well.
> >> What are you trying to achieve? The port number refers to port used
> >> by your application, not to DNS.
> >>
> >
> >
>
>
> --
>
> Red Hat Reference Architectures
>
> Follow Us: https://twitter.com/RedHatRefArch
> Plus Us: https://plus.google.com/u/0/b/114152126783830728030/
> Like Us: https://www.facebook.com/rhrefarch
>
>
>
> ------------------------------
>
> Message: 3
> Date: Tue, 22 Jul 2014 14:33:28 +0100
> From: Shashi M <svm2k20 at gmail.com>
> To: freeipa-users at redhat.com
> Subject: [Freeipa-users] DNS migration from AD to freeIPA managed DNS
> Message-ID:
> <
> CAEouxn_pPv+ksJGOFZQg+CU+sO7tuNx_nRqi81H2UrvKUEPquQ at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Hi All,
>
> I am looking for some help on DNS configuration migraion from AD to
> FreeIPA.
>
> I am planning implement AD trust in my current freeIPA setup which is
> currently having AD-IPA one way sync.
>
> New setup, I would also like to mange the DNS throug IPA. Currently unix
> DNS is hosted on Windows AD servers. I will have to import all the existing
> DNS records in freeIPA.
>
> Is it possible to configure freeIPA DNS service as secondary (slave) to
> existing AD DNS servers?
>
> my planned approach to migrate dns is as below
>
> - Setup new IPA servers with DNS for unix.example.com domain....
> - Allow zone transfer from AD to freeIPA to populate freeIPA DNS servers
> - Promote freeIPA as primary DNS server and make AD as secondary DNS
>
> Is this achivable with freeIPA currently? If not is it possible to have
> bind 9 installed on freeIPA server and still DNS be managed by freeIPA?
>
>
> Regards,
> Shashikant
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://www.redhat.com/archives/freeipa-users/attachments/20140722/ebea6d3d/attachment.html
> >
>
> ------------------------------
>
> Message: 4
> Date: Tue, 22 Jul 2014 17:01:18 +0200
> From: Petr Spacek <pspacek at redhat.com>
> To: freeipa-users at redhat.com
> Subject: Re: [Freeipa-users] DNS migration from AD to freeIPA managed
> DNS
> Message-ID: <53CE7CBE.8000205 at redhat.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> On 22.7.2014 15:33, Shashi M wrote:
> > I am looking for some help on DNS configuration migraion from AD to
> FreeIPA.
> >
> > I am planning implement AD trust in my current freeIPA setup which is
> > currently having AD-IPA one way sync.
> >
> > New setup, I would also like to mange the DNS throug IPA. Currently unix
> > DNS is hosted on Windows AD servers. I will have to import all the
> existing
> > DNS records in freeIPA.
> >
> > Is it possible to configure freeIPA DNS service as secondary (slave) to
> > existing AD DNS servers?
> >
> > my planned approach to migrate dns is as below
> >
> > - Setup new IPA servers with DNS for unix.example.com domain....
> > - Allow zone transfer from AD to freeIPA to populate freeIPA DNS servers
> > - Promote freeIPA as primary DNS server and make AD as secondary DNS
>
> FreeIPA cannot be slave of another DNS server (yet :-). You have the
> option to
> use normal zone transfer, convert data from zone file to LDIF and import
> the
> LDIF directly to LDAP.
>
> See https://fedorahosted.org/bind-dyndb-ldap/wiki/Migration and let us
> know if
> you need any assistance.
>
> After that you will see all the data in FreeIPA user interface and all
> FreeIPA
> servers will serve the same copy of the data.
>
> > Is this achivable with freeIPA currently? If not is it possible to have
> > bind 9 installed on freeIPA server and still DNS be managed by freeIPA?
>
> FreeIPA uses BIND 9 for it's DNS but all data managed by FreeIPA have to
> be in
> LDAP, not in master files. Anyway, the conversion procedure linked above is
> pretty straightforward.
>
> Have a nice day!
>
> --
> Petr^2 Spacek
>
>
>
> ------------------------------
>
> Message: 5
> Date: Tue, 22 Jul 2014 10:04:07 -0500
> From: KodaK <sakodak at gmail.com>
> To: "freeipa-users at redhat.com" <freeipa-users at redhat.com>
> Subject: [Freeipa-users] Mass update IP addresses
> Message-ID:
> <
> CAA9J0ZH8MkL4N55TK-MhHw2UbK-EtxmhJrLpp4UXPKAZXT161w at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> For various reasons, I need to move a lot of my IPA clients to a different
> subnet.
>
> I'd like to automate this as much as possible. My initial thought is to
> use a combination
> of puppet and ipa commands, but I wanted to see if anyone had any advice.
> Anything I
> should watch out for in IPA? I know that's vague, but I'm just seeking
> general advice.
>
> Thanks,
>
> --Jason
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://www.redhat.com/archives/freeipa-users/attachments/20140722/947bd0f9/attachment.html
> >
>
> ------------------------------
>
> Message: 6
> Date: Tue, 22 Jul 2014 17:54:36 +0200
> From: Petr Spacek <pspacek at redhat.com>
> To: Mark Heslin <mheslin at redhat.com>, Martin Basti <mbasti at redhat.com>
> Cc: freeipa-users at redhat.com
> Subject: Re: [Freeipa-users] Correct syntax for round-robin DNS srv
> records
> Message-ID: <53CE893C.4090807 at redhat.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> On 22.7.2014 14:06, Mark Heslin wrote:
> > On 07/22/2014 08:00 AM, Mark Heslin wrote:
> >> Martin, Petr,
> >>
> >> I didn't see that missing dot "." - good catch. As always the devil is
> in
> >> the details :-)
> >>
> >> Two follow up questions:
> >>
> >> 1. I've set the priority and weighting equally here but I will add a
> third
> >> host
> >> so would it make sense to just set both priority and weight to
> "0" for
> >> all three hosts?:
> >>
> >> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
> >> foo1.example.com."
> >> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
> >> foo2.example.com."
> >> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
> >> foo3.example.com."
> >>
> >> 2. To Petr's point about registering the "_foo.tcp" service. By
> definition
> >> this isn't really
> >> a true "service" and more like "CNAME with benefits". (Sorry,
> couldn't
> >> resist the bad dating reference ;-))
> >> Do I actually still need to add this to /etc/services? If so,
> then I'd
> >> have to do that for
> >> all hosts in the environment, IdM servers, clients, etc., correct?
> >>
> >> Truth be told, this is just being used for an alternative to a
> true
> >> h/w, s/w load balancer
> >> for demonstration purposes so I'm sure adding it to the services
> file
> >> makes sense.
> >
> > Gah! I meant to say I'm *not* sure adding it to the services file makes
> sense.
>
> For test purposes you can use whatever, preferably something like
> "_x-test".
> No modification to /etc/services is necessary. AFAIK /etc/services just
> allows
> clients to translate service name to port number but this will not be used
> anyway because clients will get port number from DNS.
>
> Petr^2 Spacek
>
> >> Thank you both!
> >>
> >> -m
> >>
> >>
> >>
> >>
> >> On 07/22/2014 03:16 AM, Petr Spacek wrote:
> >>> On 22.7.2014 00:13, Mark Heslin wrote:
> >>>> Hi All,
> >>>>
> >>>> I had some off-list exchanges with Petr Spacek on this but am still
> trying to
> >>>> work out the correct syntax.
> >>>> I have 2 hosts:
> >>>>
> >>>> - foo1.example.com
> >>>> - foo2.example.com
> >>>>
> >>>> and would like to create a round-robin DNS srv record for both called
> >>>> foo.example.com
> >>>>
> >>>> I already have DNS entries for both hosts in IPA:
> >>>>
> >>>> # ipa dnsrecord-show example.com foo1
> >>>> Record name: foo1
> >>>> A record: 10.0.0.1
> >>>> # ipa dnsrecord-show example.com foo2
> >>>> Record name: foo2
> >>>> A record: 10.0.0.2
> >>>>
> >>>> I'd like to get the correct syntax for adding the srv record for foo.
> >>>> My understanding is that it should be something like this:
> >>>>
> >>>> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
> >>>> foo1.example.com"
> >>>> Record name: _foo.tcp
> >>>> SRV record: 0 50 53 foo1.example.com
> >>>> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
> >>>> foo2.example.com"
> >>>> Record name: _foo.tcp
> >>>> SRV record: 0 50 53 foo2.example.com
> >>>>
> >>>> which seemed to be added ok but on second glance I think not:
> >>>>
> >>>> # host -t srv _foo.tcp.example.com
> >>>> _foo.tcp..example.com has SRV record 0 50 53
> foo1.example.com.example.com.
> >>>> _foo.tcp..example.com has SRV record 0 50 53
> foo2.example.com.example.com.
> >>>>
> >>>> In looking over the description of rfc2782
> >>>> <http://en.wikipedia.org/wiki/SRV_record> it appears the IPA syntax
> is a
> >>>> little different,
> >>>
> >>> I don't think so :-)
> >>>
> >>> Please note the trailing dot in "target" part of
> >>> http://en.wikipedia.org/wiki/SRV_record#Record_format.
> >>>
> >>> IPA behaves in the same way as BIND 9: All domain names without
> trailing
> >>> dot are automatically extended with zone origin, i.e. "example.com.".
> >>>
> >>> You have two options:
> >>> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53 foo1" (DNS
> >>> server will automatically append "example.com.")
> >>>
> >>> or
> >>>
> >>> # ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
> foo1.example.com."
> >>> (please note the trailing dot)
> >>>
> >>>
> >>>
> >>> Another note is about "_foo". "foo" should be "service name" according
> to
> >>>
> http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
> >>>
> >>>
> >>> It will probably not cause any problems if you invent your own name
> >>> (preferably prefixed with x- to avoid collisions in future, e.g.
> "_x-foo"),
> >>> but it will not hurt you if you register your protocol into the
> registry :-)
> >>> See http://tools.ietf.org/html/rfc6335
> >>>
> >>>> and the documentation is scarce so admittedly I'm taking a swag at
> this ;-)
> >>>>
> >>>> I can do this fine without srv but don't have enough familiarity with
> DNS srv
> >>>> here.
> >>>> Can anyone help clarify what I'm missing? I'd like to have equal
> weighting,
> >>>> priority
> >>>> to both hosts - I'm assuming the port (53) is correct for DNS here as
> well.
> >>> What are you trying to achieve? The port number refers to port used by
> your
> >>> application, not to DNS.
>
>
>
> ------------------------------
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
> End of Freeipa-users Digest, Vol 72, Issue 66
> *********************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140723/592feacf/attachment.htm>
More information about the Freeipa-users
mailing list