On 3/5/20 5:54 PM, mike clagett via FreeIPA-users wrote:
hi all,
Here is my scenario. I will just use .mike as my TLD example here:
TLD domain - .mike
Primary FreeIPA server that is serving as my master DNS - freeipa.mike
Within this setup, I want to set up a dns zone called dev.mike, with its own
DNS server called freeipa0.dev.mike to manage all dns in the dev.mike zone,
while leaving freeipa.mike to manage the rest production dns.
In my client machine (Mac OS X) - when I try to nslookup a domain in the
dev.mike zone, I get a non-authoritative answer from the freeipa.mike server.
Results of forwardzone-show for my freeipa.mike:
ipa dnsforwardzone-show dev.mike.
Zone name: dev.mike.
Active zone: TRUE
Zone forwarders: 10.x.x.x. (this IP is the correct IP address of the
freeipa0.dev.mike server)
Forward policy: first
The issue I am having is sometimes my dev.mike domains just won't resolve, and
I have to manually add the dev.mike dns server to my network settings and
remove all the other DNS settings to get to VM's in my dev.mike zone.
Can anybody assist me with some troubleshooting to figure out why why dns
forwarding isn't working 100% reliably?
Hi,
please have a look at the section "Zone Delegation in IdM DNS Master
Zone" in the chapter 33.6 Managing DNS Forwarding [1]. The master zone
.mike must contain a NS record for dev.mike. and an A glue record for
freeipa0.dev.mike as explained in [2].
HTH,
flo
[1]
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/managing-dns-forwarding
[2] https://www.freeipa.org/page/Troubleshooting/DNS#missing_zone_delegation
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
