[Freeipa-users] IPA's own ptr record - unresolvable ?
Petr Spacek
pspacek at redhat.com
Fri Jun 3 09:09:32 UTC 2016
On 3.6.2016 10:33, lejeczek wrote:
>
>
> On 03/06/16 08:06, Petr Spacek wrote:
>> On 2.6.2016 18:30, lejeczek wrote:
>>> hi users,
>>>
>>> I do (all on IPA server)
>>>
>>> $ host 10.5.6.100
>>> Host 100.6.5.10.in-addr.arpa. not found: 3(NXDOMAIN)
>>>
>>> I do:
>>>
>>> $ host 10.5.6.17
>>> 17.6.5.10.in-addr.arpa domain name pointer ......
>>>
>>> I do:
>>>
>>> $ ipa dnsrecord-find 5.10.in-addr.arpa
>>> Record name: @
>>> NS record: rider.private.dom., swir.private.dom.,
>>> work5.private.dom.
>>>
>>> Record name: 19.10
>>> PTR record: work1.private.dom.
>>>
>>> Record name: 23.10
>>> PTR record: work5.private.dom.
>>>
>>> Record name: 100.6
>>> PTR record: rider.private.dom.
>>>
>>> Record name: 17.6
>>> PTR record: dzien.private.dom.
>>>
>>> Record name: 32.6
>>> PTR record: swir.private.dom.
>>> ----------------------------
>>> Number of entries returned 6
>>>
>>>
>>> dig also find these records.
>>>
>>> this is probably why replica fails with:
>>>
>>> ipa.ipapython.install.cli.install_tool(Replica): ERROR Unable to resolve
>>> the IP address 10.5.6.100 to a host name, check /etc/hosts and DNS name
>>> resolution
>>>
>>> must be something trivial?
>> Likely :-) It could have multiple reasons.
>> E.g. DNS delegation from parent domain could be broken which could cause
>> this etc.
>>
>> Please try commands
>> $ dig -x <IP address> PTR
>>
>> and
>>
>> $ dig -x <IP address> SOA
>>
>> and post their output, preferably without redacting it because the attempt to
>> hind real names often hide the root cause. I will have a look.
> I see, later after first server installation IPA (itself) created:
> 6.5.10.in-addr.arpa. and that was where PTR record was missing.
> Is this one of test cases where it brakes? If one uses 5.10.in-addr.arpa class
> for reverse zone? Is this against any standard?
Feel free to delete IPA-created zone 6.5.10.in-addr.arpa. and put PTR record
into your own zone 5.10.in-addr.arpa.
FreeIPA installer is buggy in this aspect. It should be fixed in one of next
releases as part of External DNS integration.
Please be so kind and open a ticket
https://fedorahosted.org/freeipa/newticket
and describe your problem in there so we do not forget to cover this case.
Thank you for your time!
--
Petr^2 Spacek
More information about the Freeipa-users
mailing list