[Freeipa-users] bind-dyndb-ldap replication errors

Brendan Kearney bpk678 at gmail.com
Wed Apr 12 12:26:48 UTC 2017


list members,

i am using bind-dyndb-ldap without freeipa, and i consistently get the 
below errors in my logs:

update_zone (syncrepl) failed for master zone DN 
'idnsName=24.168.192.in-addr.arpa.,cn=dns,ou=Daemons,dc=bpk2,dc=com'. 
Zones can be outdated, run `rndc reload`: unexpected error

the zone that has the issue varies, but it is always a zone that allows 
dynamic updates.  it seems that some replication event fails and a 
manual resync of things has to be performed.  any ideas what might be 
going on?

fedora 24, with nearly all recent updates
bind-9.10.4-3.P6.fc24.x86_64
bind-dyndb-ldap-10.1-1.fc24.x86_64
openldap-2.4.44-1.fc24.x86_64

i have multi master replication configured between 2 masters, and no 
other replication events seem to fail.  i am not sure where to look for 
issues.

named.conf:
     dynamic-db "bpk2.com" {
             library "ldap.so";
             arg "uri ldap://192.168.88.1";
             arg "base cn=dns,ou=Daemons,dc=bpk2,dc=com";


             arg "auth_method sasl";
             arg "sasl_mech GSSAPI";
             arg "sasl_realm BPK2.COM";
             arg "krb5_keytab FILE:/etc/named.keytab";
             arg "krb5_principal DNS/server1.bpk2.com";
             arg "ldap_hostname server1.bpk2.com";

             arg "fake_mname dns.bpk2.com.";
             arg "dyn_update yes";
             arg "connections 2";
     };

zone config:
dn: idnsName=24.168.192.in-addr.arpa.,cn=dns,ou=Daemons,dc=bpk2,dc=com
dnsttl: 3600
idnsallowdynupdate: TRUE
idnsallowquery: any;
idnsallowsyncptr: TRUE
idnsname: 24.168.192.in-addr.arpa.
idnssoaexpire: 604800
idnssoaminimum: 86400
idnssoamname: dns.bpk2.com.
idnssoarefresh: 10800
idnssoaretry: 900
idnssoarname: root.bpk2.com.
idnssoaserial: 1491999811
idnsupdatepolicy: grant dhcp wildcard * any;
idnszoneactive: TRUE
nsrecord: dns.bpk2.com.
objectclass: top
objectclass: idnsZone
objectclass: idnsRecord

any help would be appreciated.

thanks,

brendan
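
Added example, not part of the original post and not bind-dyndb-ldap code: a small Python triage script that counts the update_zone (syncrepl) failures per zone DN and checks each against idnsAllowDynUpdate in an LDIF export, to test the observation that only dynamic-update zones are affected. The log timestamps, the static zone and the function names are constructed; DN matching is a plain case-insensitive comparison, and the LDIF is assumed to be unfolded and not base64-encoded.

```python
import re
from collections import Counter

# Failure line quoted in the post, as it would appear on a single log line.
FAIL_RE = re.compile(
    r"update_zone \(syncrepl\) failed for master zone DN '([^']+)'\..*: (.+)$")

def failed_zones(log_lines):
    """Count failures per (lower-cased zone DN, trailing error text)."""
    hits = Counter()
    for line in log_lines:
        m = FAIL_RE.search(line)
        if m:
            hits[(m.group(1).lower(), m.group(2).strip())] += 1
    return hits

def dynupdate_by_dn(ldif_text):
    """Map lower-cased DN -> True if idnsAllowDynUpdate is TRUE."""
    zones = {}
    for entry in re.split(r"\n\s*\n", ldif_text.strip()):
        attrs = {}
        for line in entry.splitlines():
            key, sep, value = line.partition(":")
            # Skip comments and continuation lines (assumption: unfolded LDIF).
            if sep and not line.startswith((" ", "#")):
                attrs.setdefault(key.strip().lower(), value.strip())
        if "dn" in attrs:
            flag = attrs.get("idnsallowdynupdate", "")
            zones[attrs["dn"].lower()] = flag.upper() == "TRUE"
    return zones

def report(log_lines, ldif_text):
    """Rows of (zone DN, error, count, dyn-update flag or None if unknown)."""
    dyn = dynupdate_by_dn(ldif_text)
    return [(dn, err, n, dyn.get(dn))
            for (dn, err), n in sorted(failed_zones(log_lines).items())]

# Constructed sample input: timestamps and the static zone are invented.
ZONE = "idnsName=24.168.192.in-addr.arpa.,cn=dns,ou=Daemons,dc=bpk2,dc=com"
MSG = ("update_zone (syncrepl) failed for master zone DN '" + ZONE + "'. "
       "Zones can be outdated, run `rndc reload`: unexpected error")
SAMPLE_LOG = ["12-Apr-2017 12:10:01 " + MSG,
              "12-Apr-2017 12:11:40 zone bpk2.com/IN: sending notifies",
              "12-Apr-2017 12:20:05 " + MSG]
STATIC = "idnsName=static.example.,cn=dns,ou=Daemons,dc=bpk2,dc=com"
SAMPLE_LDIF = ("dn: " + ZONE + "\nidnsallowdynupdate: TRUE\n\n"
               "dn: " + STATIC + "\nidnsallowdynupdate: FALSE\n")

if __name__ == "__main__":
    for row in report(SAMPLE_LOG, SAMPLE_LDIF):
        print(row)
```

A row whose last field is None means the failing DN was not found in the export, which is worth comparing between the two masters.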



