On 04/09/2012 03:02 PM, KodaK wrote:
> On Mon, Apr 9, 2012 at 1:53 PM, Dmitri Pal <d...@redhat.com> wrote:
>> On 04/09/2012 02:50 PM, KodaK wrote:
>>> On Mon, Apr 9, 2012 at 1:46 PM, Dmitri Pal <d...@redhat.com> wrote:
>>>> On 04/09/2012 02:41 PM, KodaK wrote:
>>>>> On Mon, Apr 9, 2012 at 1:34 PM, Dmitri Pal <d...@redhat.com> wrote:
>>>>>> On 04/09/2012 02:07 PM, KodaK wrote:
>>>>>>> I have two IPA servers. The primary/master is SLPIDML01 and the
>>>>>>> replica is SLPIDML01. I have followed the instructions for creating a
>>>>>>> replica and the install on SLPIDML02 completed successfully. However,
>>>>>>> the instructions tell me to add some entries to the DNS zone file, and
>>>>>>> I'm stumped.
>>>>>>>
>>>>>>> The FreeIPA documentation has this to say about setting up DNS for
>>>>>>> replicas:
>>>>>>>
>>>>>>> Updating DNS for IPA Replicas
>>>>>>>
>>>>>>> After you have configured a new IPA replica, you should update your
>>>>>>> DNS entries so that IPA clients can discover the new server. For
>>>>>>> example, for an IPA replica with a server name of $HOST, you should
>>>>>>> add the following entries to your zone file:
>>>>>>>
>>>>>>> _ldap._tcp IN SRV 0 100 389 $HOST
>>>>>>> _kerberos._tcp IN SRV 0 100 88 $HOST
>>>>>>> _kerberos._udp IN SRV 0 100 88 $HOST
>>>>>>> _kerberos-master._tcp IN SRV 0 100 88 $HOST
>>>>>>> _kerberos-master._udp IN SRV 0 100 88 $HOST
>>>>>>> _kpasswd._tcp IN SRV 0 100 464 $HOST
>>>>>>> _kpasswd._udp IN SRV 0 100 464 $HOST
>>>>>>> _ntp._udp IN SRV 0 100 123 $HOST
>>>>>>>
>>>>>>> I know very little about configuring DNS. Where exactly should this
>>>>>>> go? It says to add it to your zone file, all I see is a
>>>>>>> named.rfc1912.zones file, and it appears to be rather structured. Do
>>>>>>> I just dump these at the end? That doesn't seem to make any sense. I
>>>>>>> see a reference to /var/named/example.com.zone.db, but I don't have
>>>>>>> one for my domain, and I still don't know what the format of the file
>>>>>>> should be. Do I need to make entries for both hosts (and any others I
>>>>>>> add in the future?)
>>>>>>>
>>>>>> What DNS server do you use?
>>>>>> Did you consider using the DNS server that comes with IPA?
>>>>>>
>>>>> I am using the DNS server that comes with IPA.
>>>> Then the replicas are added automatically to the DNS servers managed by
>>>> IPA. I think the documentation refers to the case when you are not using
>>>> the DNS server provided by IPA. Then you need to add the mentioned entries.
>>>> If this is not clear please open a ticket and provide a pointer to the
>>>> section that caused the confusion.
>>> I've opened a ticket, thanks.
>>>
>>> When I manually turn off the network interfaces on the master, the
>>> replica does not take over.
>> How do you test it?
>> The client will fail over if it can't access the server that you turned
>> off.
>>
>>
>>> For the record, the documentation makes no discernible differentiation
>>> between IPA's DNS and external DNS:
>>>
>>> "Once the installation process completes, update the DNS entries so
>>> that IPA clients can discover the new server. For example, for an IPA
>>> replica with a hostname of ipareplica.example.com:"
> Sorry, I thought I did reply to the list.
>
> I must be misunderstanding something.
>
> When I ipa-replica-install it does not automatically set up a DNS
> replica, correct?
>
> When I run ipa dnsrecord-add domain.com @ --ns-rec
> slpidml02.unix.magellanhealth.com. I'm only telling IPA that this new
> host is now a nameserver, correct?
>
> So at what point do DNS entries replicate? Or do I set that up outside of
> IPA?
>
> Thanks again,
>
> --Jason

Rob,

When we add replicas, do we create SRV records for them automatically?
I thought so but maybe I am wrong?
Can you please chime in?

--
Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.

-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
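
A check for the SRV record list quoted from the documentation in the thread above, as an added example that is not part of the original messages or of FreeIPA's own tooling: it reads zone-file style text and reports which of the eight records do not yet point at a given server. The `example.com` origin, the `ipa1`/`ipa2` host names and the sample zone are constructed, and it assumes every record line carries its owner name and that no `$ORIGIN` directive is used.

```python
import re

# (owner, port) pairs from the documentation excerpt quoted in the thread
REQUIRED_SRV = [
    ("_ldap._tcp", 389), ("_kerberos._tcp", 88), ("_kerberos._udp", 88),
    ("_kerberos-master._tcp", 88), ("_kerberos-master._udp", 88),
    ("_kpasswd._tcp", 464), ("_kpasswd._udp", 464), ("_ntp._udp", 123),
]

# Matches: owner [ttl] [IN] SRV priority weight port target
SRV_LINE = re.compile(
    r"^(?P<owner>\S+)\s+(?:\d+\s+)?(?:IN\s+)?SRV\s+"
    r"\d+\s+\d+\s+(?P<port>\d+)\s+(?P<target>\S+)", re.IGNORECASE)

# Constructed sample: ipa1 is complete, ipa2 (the new replica) is not.
SAMPLE_ZONE = """\
; constructed zone data for example.com
_ldap._tcp             IN SRV 0 100 389 ipa1
_ldap._tcp             IN SRV 0 100 389 ipa2
_kerberos._tcp         IN SRV 0 100 88  ipa1
_kerberos._tcp         IN SRV 0 100 88  ipa2.example.com.
_kerberos._udp         IN SRV 0 100 88  ipa1
_kerberos-master._tcp  IN SRV 0 100 88  ipa1
_kerberos-master._udp  IN SRV 0 100 88  ipa1
_kpasswd._tcp          IN SRV 0 100 464 ipa1
_kpasswd._udp          IN SRV 0 100 464 ipa1
_ntp._udp              IN SRV 0 100 123 ipa1
"""

def fqdn(name, origin):
    """Zone-file rule: a name without a trailing dot is relative to the origin."""
    name = name.lower()
    return name.rstrip(".") if name.endswith(".") else f"{name}.{origin}"

def parse_srv(zone_text, origin):
    """Return the set of (owner, port, target) found in SRV lines, as FQDNs."""
    found = set()
    for raw in zone_text.splitlines():
        m = SRV_LINE.match(raw.split(";", 1)[0].strip())  # drop comments
        if m:
            found.add((fqdn(m["owner"], origin), int(m["port"]),
                       fqdn(m["target"], origin)))
    return found

def missing_srv(zone_text, origin, host):
    """List required (owner, port) pairs that have no SRV record for host."""
    origin, host = origin.lower().rstrip("."), host.lower().rstrip(".")
    found = parse_srv(zone_text, origin)
    return [(o, p) for o, p in REQUIRED_SRV
            if (f"{o}.{origin}", p, host) not in found]
```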