[Freeipa-users] ipa-replica-install fails because of IPv6?

Martin Basti mbasti at redhat.com
Wed Oct 26 14:48:41 UTC 2016 


On 26.10.2016 16:42, Jochen Demmer wrote:
>
>
> Am 26.10.2016 um 16:27 schrieb Martin Basti:
>>
>>
>>
>> On 26.10.2016 16:10, Jochen Demmer wrote:
>>> Hi,
>>>
>>> my answers also inline.
>>>
>>> Am 26.10.2016 um 15:38 schrieb Martin Basti:
>>>>
>>>> Hi, comments inline
>>>>
>>>>
>>>> On 26.10.2016 14:28, Jochen Demmer wrote:
>>>>> Hi,
>>>>>
>>>>> I've been running and using a single FreeIPA server successfully, 
>>>>> i.e.:
>>>>> Fedora 24
>>>>> freeipa-server-4.3.2-2.fc24.x86_64
>>>>> This server is only available via IPv6, because I can't get public 
>>>>> lPv4 addresses no more.
>>>>>
>>>>> Now I want to setup a FreeIPA replica at another site also running 
>>>>> IPv6, Fedora 24 and freeipa-server-4.3.2-2.fc24.x86_64
>>>>> First I run "ipa-client-install" which succeeds without an error.
>>>>> When I invoke "ipa-replica-install" I get this error:
>>>>> ipa         : ERROR    Could not resolve hostname 
>>>>> *hostname.mydoma.in* using DNS. Clients may not function properly. 
>>>>> Please check your DNS setup. (Note that this check queries IPA DNS 
>>>>> directly and ignores /etc/hosts.)
>>>>> LOG:
>>>>> 2016-10-26T12:14:39Z DEBUG Search DNS server *hostname.mydoma.in* 
>>>>> (['2a01:f11:1:1::1', '2a01:f11:1:1::1', '2a01:f11:1:1::1']) for 
>>>>> *hostname.mydoma.in*
>>>>
>>>> Can you check with dig or host command if the hostname is really 
>>>> resolvable on that machine? do you have proper resolver in 
>>>> /etc/resolv.conf?
>>> There is a resolver given in /etc/resolv.conf. When I do "host 
>>> <<hostname.mydoma.in>>" I get the right IPv6 back.
>> That is weird because IPA is doing basically the same.
>>
>>>>
>>>>>
>>>>> *hostname.mydoma.in* is actually the DNS entry for the old FreeIPA 
>>>>> server, which actually resolves, but only to an IPv6 address of 
>>>>> course.
>>>>> I can continue the installation though by entering "yes".
>>>>>
>>>>> I then get asked:
>>>>> Enter the IP address to use, or press Enter to finish.
>>>>> Please provide the IP address to be used for this host name:
>>>>>
>>>>> When I enter the IPv6 address of the new replica host it doesn't 
>>>>> accept but infinitely asks this question instead.
>>>>
>>>> Have you pressed enter twice? It should end prompt and continue 
>>>> with installation
>>> Enter without an IP -> No usable IP address provided nor resolved.
>>> Enter with an IP -> Error: Invalid IP Address 2a02:1:2:3::4 cannot 
>>> use IP network address 2a02:1:2:3::4 
>>
>> How do you have configured IP address on your interface? Does it have 
>> prefix /128?
> Yes, that's right. It's an IP being assigned statefully by a DHCPv6 
> server.
> There is also another dynamic IP within the same prefix having /64. I 
> don't want to use this one of course, because its IID changes.
>
Could you set (temporarily) prefix for that address to /64 and re-run 
installer? IPA 4.3 has check that prevents you to use /128 prefix


>>
>>>>
>>>>>
>>>>> Honestly, I can't see what I might have done wrong.
>>>>> Old FreeIPA has hostname is in sync forward and reverse record.
>>>>> New FreeIPA host as well has hostname that symmetrically resolves, 
>>>>> even though the hostname is using another second level domain.
>>>>>
>>>>> Any hints?
>>>>> Jochen Demmer
>>>>>
>>>>>
>>>>
>>>> Martin
>>> Jochen
>>>
>>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161026/1b558748/attachment.htm>

More information about the Freeipa-users mailing list