[Freeipa-users] Question About Properly Configuring DNS
Simo Sorce
simo at redhat.com
Mon Oct 27 16:30:05 UTC 2014
On Mon, 27 Oct 2014 14:07:42 +0000
"Trevor T Kates (Services - 6)" <trevor.t.kates at dom.com> wrote:
> Hi, all:
>
> I have four servers (two in one location, two in another) running IPA
> 3.0 set to replicate like so:
>
> Location A Server 1 - - - - - - - - Location B Server 1
> | |
> | |
> | |
> | |
> Location A Server 2 - - - - - - - - Location B Server 2
>
> Each server has DNS configured; however, I think I have configured
> something inappropriately with respect to authoritative records.
>
> I have eight zones configured and ipa dnszone-show for any one of
> them has Location B Server 1's name as authoritative. In each of the
> eight zones, I have added NS records for the other three servers. On
> all of the servers except Location B Server 1, /var/log/messages will
> show:
>
> client x.xxx.x.xxx#14366: received notify for zone
> 'x.xxx.x.in-addr.arpa': not authoritative
>
> This occurs for most, but not all, zones. Along with this:
>
> LDAP query timed out. Try to adjust "timeout" parameter
> update_record (psearch) failed, dn
> 'idnsname=xxx,idnsname=x.xxx.xx.in-addr.arpa.,cn=dns,dc=example,dc=com'
> change type 0x0. Records can be outdated, run `rndc reload`: not found
>
> I feel like I've misconfigured a few things along the way and I'd
> love some help. Along with that if anyone has recommendations on
> things I should read to help me better understand what I should be
> doing with DNS, I'd appreciate it.
Uhmm sounds like a bug in reloading the info in the bind ldap plugin.
Can you restart named on one of the other servers and tell if the
warning goes away and/or if the client returns that server as
authoritative after the bounce ?
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list