[Freeipa-users] DNS not responding properly....

Petr Spacek pspacek at redhat.com
Fri Sep 5 17:56:54 UTC 2014 

Hello,

On 5.9.2014 18:14, Bret Wortman wrote:
> I've got an odd situation with one of our networks. Our systems are properly
> registered in DNS within IPA, and the web interface and IPA queries work to
> resolve the hosts, but named isn't playing along with us.
>
> [root at ipa1 data]# ipa dnsrecord-find foo.net --name=asterisk
>     Record name: asterisk
>     A record: 192.168.252.155
> ----------------------------
> Number of entries returned 1
> ----------------------------
> [root at ipa1 data]# host asterisk.foo.net
> Host asterisk.foo.net not found: 3(NXDOMAIN)
> [root at ipa1 data]# cat /etc/resolv.conf
> search foo.net
> nameserver 192.168.252.61        <--------- This is ipa1
> nameserver 192.168.252.62
> nameserver 192.168.252.63
> [root at ipa1 data]# ifconfig
> ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>           inet 192.168.252.61  netmask 255.255.255.0  broadcast 192.168.252.255
>           inet6 fe80::250:56ff:fe04:401  prefixlen 64  scopeid 0x20<link>
>           ether 00:50:56:04:04:01  txqueuelen 1000  (Ethernet)
>           RX packets 2189  bytes 332143 (324.3 KiB)
>           RX errors 0  dropped 0  overruns 0  frame 0
>           TX packets 1523  bytes 428925 (418.8 KiB)
>           TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>
> lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
>           inet 127.0.0.1  netmask 255.0.0.0
>           inet6 ::1  prefixlen 128  scopeid 0x10<host>
>           loop  txqueuelen 0  (Local Loopback)
>           RX packets 1037  bytes 718872 (702.0 KiB)
>           RX errors 0  dropped 0  overruns 0  frame 0
>           TX packets 1037  bytes 718872 (702.0 KiB)
>           TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>
> [root at ipa1 data]#
>
> When I dig into the named.run file, I see the trace below (I ran an "rndc
> reload" after seeing the request to do so at the end of an earlier section of
> the file; it obviously didn't help much). I'm not sure where else to look.
> /etc/named.conf and /var/named/named.ca both are in line with what we have on
> another similar system where everything is working just fine. Any thoughts?

Please double check output from
$ ipa dnszone-show foo.net

It should contain line like:
   Active zone: TRUE

Petr^2 Spacek

> 05-Sep-2014 12:04:47.111 received control channel command 'reload'
> 05-Sep-2014 12:04:47.111 zone 252.168.192.in-addr.arpa/IN: shutting down
> 05-Sep-2014 12:04:47.112 loading configuration from '/etc/named.conf'
> 05-Sep-2014 12:04:47.112 using default UDP/IPv4 port range: [1024, 65535]
> 05-Sep-2014 12:04:47.112 using default UDP/IPv6 port range: [1024, 65535]
> 05-Sep-2014 12:04:47.113 sizing zone task pool based on 6 zones
> 05-Sep-2014 12:04:47.116 option 'serial_autoincrement' is not supported, ignoring
> 05-Sep-2014 12:04:47.194 automatic empty zone: 10.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 16.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 17.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 18.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 19.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 20.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 21.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 22.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 23.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 24.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.194 automatic empty zone: 25.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.195 automatic empty zone: 26.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.196 automatic empty zone: 27.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.196 automatic empty zone: 28.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.196 automatic empty zone: 29.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.196 automatic empty zone: 30.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.196 automatic empty zone: 31.172.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.196 automatic empty zone: 168.192.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.196 automatic empty zone: 64.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.196 automatic empty zone: 65.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.196 automatic empty zone: 66.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 67.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 68.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 69.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 70.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 71.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 72.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 73.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 74.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 75.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 76.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 77.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 78.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.198 automatic empty zone: 79.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.199 automatic empty zone: 80.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.199 automatic empty zone: 81.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.199 automatic empty zone: 82.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.199 automatic empty zone: 83.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.199 automatic empty zone: 84.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.200 automatic empty zone: 85.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.200 automatic empty zone: 86.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.200 automatic empty zone: 87.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.200 automatic empty zone: 88.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.200 automatic empty zone: 89.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.200 automatic empty zone: 90.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.201 automatic empty zone: 91.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.201 automatic empty zone: 92.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.201 automatic empty zone: 93.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.201 automatic empty zone: 94.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.201 automatic empty zone: 95.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.201 automatic empty zone: 96.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.202 automatic empty zone: 97.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.202 automatic empty zone: 98.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.202 automatic empty zone: 99.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.202 automatic empty zone: 100.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.202 automatic empty zone: 101.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.202 automatic empty zone: 102.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.203 automatic empty zone: 103.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.203 automatic empty zone: 104.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.203 automatic empty zone: 105.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.203 automatic empty zone: 106.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.203 automatic empty zone: 107.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.203 automatic empty zone: 108.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.204 automatic empty zone: 109.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.204 automatic empty zone: 110.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.204 automatic empty zone: 111.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.204 automatic empty zone: 112.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.204 automatic empty zone: 113.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.204 automatic empty zone: 114.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.205 automatic empty zone: 115.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.205 automatic empty zone: 116.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.205 automatic empty zone: 117.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.205 automatic empty zone: 118.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.205 automatic empty zone: 119.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.206 automatic empty zone: 120.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.206 automatic empty zone: 121.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.206 automatic empty zone: 122.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.206 automatic empty zone: 123.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.206 automatic empty zone: 124.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.207 automatic empty zone: 125.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.207 automatic empty zone: 126.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.207 automatic empty zone: 127.100.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.207 automatic empty zone: 127.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.207 automatic empty zone: 254.169.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.208 automatic empty zone: 2.0.192.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.208 automatic empty zone: 100.51.198.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.208 automatic empty zone: 113.0.203.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.208 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
> 05-Sep-2014 12:04:47.208 automatic empty zone:
> 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
> 05-Sep-2014 12:04:47.209 automatic empty zone: D.F.IP6.ARPA
> 05-Sep-2014 12:04:47.209 automatic empty zone: 8.E.F.IP6.ARPA
> 05-Sep-2014 12:04:47.209 automatic empty zone: 9.E.F.IP6.ARPA
> 05-Sep-2014 12:04:47.209 automatic empty zone: A.E.F.IP6.ARPA
> 05-Sep-2014 12:04:47.209 automatic empty zone: B.E.F.IP6.ARPA
> 05-Sep-2014 12:04:47.210 automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
> 05-Sep-2014 12:04:47.213 reloading configuration succeeded
> 05-Sep-2014 12:04:47.213 reloading zones succeeded
> 05-Sep-2014 12:04:47.225 all zones loaded
> 05-Sep-2014 12:04:47.226 running
> 05-Sep-2014 12:04:47.226 update_record (syncrepl) failed, dn
> 'idnsname=ipa1,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1. Records
> can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.226 update_record (syncrepl) failed, dn
> 'idnsname=_kerberos,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1.
> Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.317 update_record (syncrepl) failed, dn
> 'idnsname=_ldap._tcp,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1.
> Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.317 update_record (syncrepl) failed, dn
> 'idnsname=_kerberos._tcp,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1.
> Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.318 update_record (syncrepl) failed, dn
> 'idnsname=_kerberos._udp,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1.
> Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.318 update_record (syncrepl) failed, dn
> 'idnsname=_kerberos-master._tcp,idnsname=foo.net,cn=dns,dc=foo,dc=net' change
> type 0x1. Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.318 update_record (syncrepl) failed, dn
> 'idnsname=_kerberos-master._udp,idnsname=foo.net,cn=dns,dc=foo,dc=net' change
> type 0x1. Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.318 update_record (syncrepl) failed, dn
> 'idnsname=_kpasswd._tcp,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1.
> Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.318 update_record (syncrepl) failed, dn
> 'idnsname=_kpasswd._udp,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1.
> Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.319 update_record (syncrepl) failed, dn
> 'idnsname=_ntp._udp,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1.
> Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.319 update_record (syncrepl) failed, dn
> 'idnsname=ipa-ca,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1. Records
> can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.319 update_record (syncrepl) failed, dn
> 'idnsname=ipa2,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1. Records
> can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.319 update_record (syncrepl) failed, dn
> 'idnsname=mcnetmon,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1.
> Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.320 update_record (syncrepl) failed, dn
> 'idnsname=asterisk,idnsname=foo.net,cn=dns,dc=foo,dc=net' change type 0x1.
> Records can be outdated, run `rndc reload`: not found
> 05-Sep-2014 12:04:47.320 zone 252.168.192.in-addr.arpa/IN: loaded serial 1409933087
> 05-Sep-2014 12:04:47.320 1 zones from LDAP instance 'ipa' loaded (1 zones defined)

More information about the Freeipa-users mailing list