[Freeipa-users] DNS reverse zone is not managed by this server

Thu Dec 22 09:48:36 UTC 2016

On 22.12.2016 09:37, Maciej Drobniuch wrote:
> Hi Martin
>
> Thank you for reply.
>
> 1. The dig is returning proper PTR record. I've added it manually to 
> the zone and it's working.

I was asking for SOA and zone name, IMO there is nothing secret about 
reverse zone name from private address space

what returns this command on server?
python -c 'import netaddr; from dns import resolver; ip = 
netaddr.IPAddress("10.0.0.165"); revn = ip.reverse_dns; print revn; 
print resolver.zone_for_name(revn)'

> 2. The problem exists while adding host entries or A records with 
> "create reverse" option.
That's why I asked to run dig, the code uses DNS system to determine zone.

> 3. If I'll bind a host with ipa-client-install the PTR record gets 
> created in the reverse zone and it works
Ok

> 4. The resolv.conf file has only the IPA server IP addres/localhost added.

Have you changed it recently?

Martin

>
> Cheers!
> M.
>
> On Wed, Dec 21, 2016 at 5:43 PM, Martin Basti <mbasti at redhat.com 
> <mailto:mbasti at redhat.com>> wrote:
>
>     Hello all :)
>
>
>     On 20.12.2016 01:33, Maciej Drobniuch wrote:
>>     Hi All!
>>
>>     I get the following message while adding a new hostname.
>>
>>     "The host was added but the DNS update failed with: DNS reverse
>>     zone in-addr.arpa. for IP address 10.0.0.165 is not managed by
>>     this server"
>
>     IPA failed to get correct reverse zone, can you try dig -x
>     10.0.0.165 what will be in SOA answer?
>
>     What is the name of reverse zone you have on IPA DNS server?
>
>
>     Martin
>
>>
>>     The reverse zone is configured and working.
>>     When I am manually adding the PTR record to the reverse zone - all OK
>>
>>     While adding a new host,  the A record is being created but the
>>     PTR fails with the message above.
>>
>>     Reinstalling centos+IPA worked once but I had to reinstall again
>>     because of problems with kerberos(probably dependencies).
>>
>>     Not sure what is the root cause of the issue.
>>
>>     VERSION: 4.4.0, API_VERSION: 2.213
>>
>>     CENTOS7 Linux freeipa1 3.10.0-229.el7.x86_64 #1 SMP Fri Mar 6
>>     11:36:42 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
>>
>>     Any help appreciated!
>>     -- 
>>     Best regards
>>
>>     Maciej Drobniuch
>>     Network Security Engineer
>>     Collective-sense LLC
>>
>>
>
>
>
>
> -- 
> Best regards
>
> Maciej Drobniuch
> Network Security Engineer
> Collective-sense LLC

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161222/25cff8ef/attachment.htm>