[Freeipa-users] Errors while adding DNS Zone

Matt Wells matt.wells at mosaic451.com
Mon Mar 9 18:18:41 UTC 2015 

I'm getting some errors on a DNS Zone that I'm attempting to create.
My systems reside within a sub-domain of example.com.
(xyz.example.com)
Of course example.com is the internet address, but I want to host the
internal example.com so we're able to point to internal intranets and
so on.

So to the good stuff
Regardless of what flags I give, what NS records I change, the NS
never actually set.  I know it's something silly that I'm overlooking
but would really love other eyes.

I go to create the zone on server2.
[root at server2 html]# ipa dnszone-add example.com
  Zone name: example.com.
  Active zone: TRUE
  Authoritative nameserver: server2.xyz.example.com.
  Administrator e-mail address: hostmaster
  SOA serial: 1425924224
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  BIND update policy: grant xyz.example.com krb5-self * A; grant
xyz.example.com krb5-self * AAAA; grant xyz.example.com krb5-self *
SSHFP;
  Dynamic update: FALSE
  Allow query: any;
  Allow transfer: none;
[root at server2 html]# rndc reload
server reload successful

------------
Logs on server1 show this

Mar 09 18:03:48 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: NS 'server2.xyz.example.com' has no address records (A
or AAAA)
Mar 09 18:03:48 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: NS 'server1.xyz.example.com' has no address records (A
or AAAA)
Mar 09 18:03:48 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: not loaded due to errors.
Mar 09 18:03:48 server1.xyz.example.com named-pkcs11[23279]:
update_zone (syncrepl) failed for
'idnsname=example.com.,cn=dns,dc=xyz,dc=example,dc=com'. Zones can be
outdated, run `rndc reload`: bad zone
Mar 09 18:03:48 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: NS 'server2.xyz.example.com' has no address records (A
or AAAA)
Mar 09 18:03:48 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: NS 'server1.xyz.example.com' has no address records (A
or AAAA)
Mar 09 18:03:48 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: not loaded due to errors.
Mar 09 18:03:48 server1.xyz.example.com named-pkcs11[23279]:
update_zone (syncrepl) failed for
'idnsname=example.com.,cn=dns,dc=xyz,dc=example,dc=com'. Zones can be
outdated, run `rndc reload`: bad zone
Mar 09 18:03:51 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: NS 'server2.xyz.example.com' has no address records (A
or AAAA)
Mar 09 18:03:51 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: NS 'server1.xyz.example.com' has no address records (A
or AAAA)
Mar 09 18:03:51 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: not loaded due to errors.
Mar 09 18:03:51 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: unable to reload invalid zone; reload triggered by
change in 'idnsname=_kerberos,idnsname=example.com.,cn=dns,dc=xyz,dc=example,dc=com':bad
zone
Mar 09 18:03:51 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: NS 'server2.xyz.example.com' has no address records (A
or AAAA)
Mar 09 18:03:51 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: NS 'server1.xyz.example.com' has no address records (A
or AAAA)
Mar 09 18:03:51 server1.xyz.example.com named-pkcs11[23279]: zone
example.com/IN: not loaded due to errors.
Mar 09 18:03:51 server1.xyz.example.com named-pkcs11[23279]:
update_zone (syncrepl) failed for
'idnsname=example.com.,cn=dns,dc=xyz,dc=example,dc=com'. Zones can be
outdated, run `rndc reload`: bad zone

More information about the Freeipa-users mailing list