[Freeipa-users] DNS forwarder "first" does not fallback to local
Petr Spacek
pspacek at redhat.com
Mon Jun 29 09:20:02 UTC 2015
On 27.6.2015 19:06, Matt . wrote:
> Hi All,
>
> When I add a forwarder with policy to forward first, there is only
> forwarder and not a fallback to local when the record doesn't exist on
> the forward server.
>
> When I remove the forwardserver, the local lookup works great again.
>
> Is this known to 3.0 servers or has it been a bug or am I doing something wrong?

Forwarders in FreeIPA behave in the same way as in BIND 9.9 and the behavior
you describe seems to be okay.

The behavior is summarized in a nice table here:
http://www.freeipa.org/page/V4/Forward_zones#Use_Cases

In other words, there is no such thing as 'look into this zone and look into
that zone if the first zone does not contain an answer'. Such behavior would
break the very basic principle of DNS - division into independent,
self-contained zones. What are you trying to achieve? What is the use-case?

Please note that in FreeIPA < 4.1 zones with non-empty 'forwarders' attribute
were automatically configured as forward zones. The split into pure forward and
master zones happened in FreeIPA 4.1.

--
Petr^2 Spacek