[Freeipa-users] FreeIPA bind also-notify behavior.

Dmitri Pal dpal at redhat.com
Mon Sep 1 10:16:37 UTC 2014


On 09/01/2014 12:05 PM, Martin Kosek wrote:
> On 09/01/2014 07:50 AM, Dmitri Pal wrote:
>> On 08/29/2014 09:32 PM, Matthew Sellers wrote:
>>> Hi Everyone!
>>>
>>> I am using FreeIPA 3.3.5 on Fedora 20 and attempting to configure FreeIPA to
>>> send notifies to non-IPA slaves, but it seems broken on IPA (notify packets
>>> are never sent to slaves).
>>>
>>> I have configured also-notify { nameserverip; };  in named.conf on my FreeIPA
>>> test host in the options section and watched for notify traffic with tcpdump.
>>>
>>> This document suggests that this is supported, and this is something I have
>>> used in non-IPA bind servers with no issues.
>>>
>>> https://fedoraproject.org/wiki/QA:Testcase_freeipav3_dns_zone_transfer
>>>
>>> I wanted to ask the list before I file a bug with more details.   Is anyone
>>> using this bind feature on IPA with any success?
>>>
>>> Thanks!
>>> Matt
>>>
>>>
>> The DNS level change propagation is not supported between IPA replicas; instead,
>> it uses LDAP replication to propagate the changes.
>> If you want another non-IPA DNS server to be a slave then you can do it. See
>> http://www.freeipa.org/page/V3/DNS_SOA_serial_auto-incrementation for more
>> information.
> I thought that from F20, bind-dyndb-ldap was capable of native DNS operations
> like AXFR/IXFR which can be used to actually deploy slave DNS servers. I wonder
> if also-notify is something different. CCing Petr Spacek to advise.
AFAIU slave DNS servers not controlled by IPA yes, replicas as slaves - no.


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.



