[Freeipa-users] DNS Replication Validation
Rich Megginson
rmeggins at redhat.com
Thu Sep 24 15:02:38 UTC 2015
On 09/24/2015 08:53 AM, Martin Basti wrote:
>
>
> On 09/24/2015 04:43 PM, Rich Megginson wrote:
>> On 09/24/2015 08:32 AM, Aric Wilisch wrote:
>>> I need a way to validate that both the primary and the redundant
>>> FreeIPA server’s DNS zones are in sync. What’s the simplest way for
>>> me to do this?
>>
>> Do a DNS query to confirm that the SOA record for the primary is
>> identical to the SOA for the secondary.
>
> SOA serials are not replicated.
So with IPA you can have a master DNS and a replica DNS that have
different SOA?
Then the records are replicated using the standard IPA dirsrv
replication protocol?
In that case, doesn't ipa-replica-manage have a way to ask if the
replicas are in sync?
>
> You can get all records via AXFR, and compare them per zone.
>
> Maybe you can use python-dns to do comparation
>
> http://www.dnspython.org/examples.html
That seems pretty heavyweight if there are a lot records.
>
> HTH
> Martin
>>
>>>
>>> My boss won’t let me continue with an upgrade until he’s sure the
>>> primary and redundant servers have the same DNS records and are in
>>> sync. I’ve tried finding documentation on this but keep coming up
>>> blank.
>>>
>>> Thanks in advance.
>>>
>>
>
More information about the Freeipa-users
mailing list