Hello!

On 2.5.2015 17:12, Nathan Peters wrote:
> The last 3 sentences of my original post refer to me adding the NS records for
> the slave. Is that what you mean?
>
> "I have also ensured that the slave hostname and IP are in FreeIPA DNS. I
> have also added an NS entry pointing to the slave."

Which version of FreeIPA and bind-dyndb-ldap are you using? I will look into it.

Petr^2 Spacek

> -----Original Message----- From: Baird, Josh
> Sent: Saturday, May 02, 2015 7:33 AM
> To: 'nat...@nathanpeters.com' ; freeipa-users@redhat.com
> Subject: RE: [Freeipa-users] FreeIPA 4.1.4 DNS notifications not being sent to
> slaves
>
> Is the PowerDNS slave in the NS RRSet for the IPA domain? Unfortunately,
> bind-dyndb-ldap does not support 'also-notify' which would allow us to send
> notifies each time a zone update occurs to slave servers that are not in the
> RRSet [1]. To compensate for this in my environment, I had to lower the
> 'refresh' timer on the IPA zone.
>
> [1] https://fedorahosted.org/bind-dyndb-ldap/ticket/152
>
> -----Original Message-----
> From: freeipa-users-boun...@redhat.com
> [mailto:freeipa-users-boun...@redhat.com] On Behalf Of nat...@nathanpeters.com
> Sent: Friday, May 1, 2015 8:20 PM
> To: freeipa-users@redhat.com
> Subject: [Freeipa-users] FreeIPA 4.1.4 DNS notifications not being sent to
> slaves
>
> I have 2 FreeIPA 4.1.4 servers set up on CentOS 7 as replicas.
>
> I also have another host running PowerDNS serving as a slave.
> The FreeIPA servers are set up to allow transfers to the slave by IP. When
> adding the zone, the slave transferred it properly.
>
> However, when I update the zone in FreeIPA, although the serial number
> changes, in the /var/log/messages I only see an attempt to transfer to the
> second IPA server, and not the slave. This is the only log entry:
>
> May 2 01:06:56 dc1 named-pkcs11[5897]: zone mydomain.net/IN: sending notifies (serial 1430528817)
> May 2 01:06:57 dc1 named-pkcs11[5897]: client 10.178.0.99#29832: received notify for zone 'mydomain.net'
>
> I have restarted all services using ipactl restart several times. I have also
> ensured that the slave hostname and IP are in FreeIPA DNS. I have also added
> an NS entry pointing to the slave.
>
> According to the FreeIPA manual, once that NS entry is added, any zone updates
> should trigger a notify, but still the only notifications go out to FreeIPA
> servers and nothing else.
>
> Any idea how to fix this so FreeIPA notifies non IPA servers? I'm pretty sure
> I've followed all the instructions to the letter on this one...
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project

--
Petr^2 Spacek
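
An added example, not part of the thread or of FreeIPA: one way to confirm that a secondary missed a NOTIFY is to compare the SOA serial it serves with the primary's, using RFC 1982 serial arithmetic. The SOA strings are constructed sample data in `dig +short SOA` format (only the serial 1430528817 comes from the log above; host names, timers and the secondary's serial are assumptions).

```python
from typing import NamedTuple, Tuple

class Soa(NamedTuple):
    mname: str
    rname: str
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int

def parse_soa(line: str) -> Soa:
    """Parse one line of `dig +short SOA <zone> @<server>` output."""
    fields = line.split()
    if len(fields) != 7:
        raise ValueError(f"not an SOA rdata line: {line!r}")
    return Soa(fields[0], fields[1], *(int(x) for x in fields[2:]))

def serial_newer(a: int, b: int) -> bool:
    """RFC 1982: True if 32-bit serial a is newer than b, allowing wraparound."""
    return a != b and ((a - b) & 0xFFFFFFFF) < 0x80000000

def check_secondary(primary_line: str, secondary_line: str) -> Tuple[str, int]:
    """Return (state, seconds). For a stale secondary, seconds is the primary's
    SOA refresh: the longest the secondary waits before polling without NOTIFY."""
    p, s = parse_soa(primary_line), parse_soa(secondary_line)
    if p.serial == s.serial:
        return ("in-sync", 0)
    if serial_newer(p.serial, s.serial):
        return ("stale", p.refresh)
    return ("secondary-ahead", 0)

# Constructed sample answers: primary (dc1) and the PowerDNS secondary.
PRIMARY = "dc1.mydomain.net. hostmaster.mydomain.net. 1430528817 3600 900 1209600 3600"
SECONDARY = "dc1.mydomain.net. hostmaster.mydomain.net. 1430520000 3600 900 1209600 3600"

if __name__ == "__main__":
    state, wait = check_secondary(PRIMARY, SECONDARY)
    print(f"secondary is {state}; next poll within {wait}s without NOTIFY")
```

A "stale" result that persists until the refresh interval elapses means the secondary is catching up only by polling, which is the case the lowered refresh timer compensates for.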