[Freeipa-users] DNS forwarder "first" does not fallback to local
Petr Spacek
pspacek at redhat.com
Mon Jun 29 16:26:45 UTC 2015
On 29.6.2015 18:22, Matt . wrote:
> Hi,
>
> Because it can happen that hostnames are used twice, but one for each network.
>
> This sounds a little bit odd, but it has something to do with hostnames
> that are needed, public names and internal names. But as both networks
> have their own DNS servers, some records are just not provisioned so
> need to be added manually to the non-managed server.
Okay, so you basically want 'DNS views'. There is only one piece of advice about
that: "Do not do that" :-)
I would highly recommend that you read and follow the following articles:
http://www.freeipa.org/page/Deployment_Recommendations#DNS
http://www.freeipa.org/page/DNS#Internal-only_domains
Sure, in an already deployed network it is not easy, but be assured that getting
rid of DNS views/split-brain DNS will save you a lot of headaches in the
long term.
I'm sorry for uncomforting answers...
Petr Spacek @ Red Hat
> 2015-06-29 17:11 GMT+02:00 Petr Spacek <pspacek at redhat.com>:
>> On 29.6.2015 16:10, Matt . wrote:
>>> Hi Petr,
>>>
>>> Yes I understand why this is "not possible". The idea was to have a
>>> managed DNS server from scripting and one for "other usage" by clients
>>> who only need to know about the "unknown" records on Server1, this as
>>> it should forward most and only do specific local lookups.
>>>
>>> Your subdomain solution might be something if I want to go this way.
>>
>> I still do not understand the use case. Why not let scripts modify records
>> on one single server?
>>
>> --
>> Petr^2 Spacek