On 6.1.2016 06:42, Devin wrote:
> I am noticing a very strange issue with FreeIPA. I installed FreeIPA on a
> fresh Virtual Machine called (idm.servers.lnx.ninja) and registered the
> Kerberos domain as LNX.NINJA. Everything installs just fine without any
> issues, and even when I log into FreeIPA and go to the DNS Manager I see
> that it created a few zones as I would have expected (ie: Reverse zone for
> 10.10.10.x, lnx.ninja zone, and servers.lnx.ninja zone). What I notice is
> that if I try to do a DNS query for any record on the (lnx.ninja) zone it
> fails even though there are records there, and if I query any records
> inside the servers.lnx.ninja zone they work just fine. What I can't
> understand is why are my DNS queries dying on the (lnx.ninja) zone.
>
> So for my test I created 2 (A) records one inside (lnx.ninja) and one
> inside (servers.lnx.ninja). What would cause any DNS queries to lnx.ninja
> to not succeed? I have duplicated this issue multiple times with several
> other VMs using different domains and they have the same issue. Any
> advice is appreciated!
>
> [root@idm ~]# dig @localhost blah.lnx.ninja
>
> ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.1 <<>> @localhost blah.lnx.ninja
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 50913
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;blah.lnx.ninja. IN A
>
> ;; Query time: 1 msec
> ;; SERVER: ::1#53(::1)
> ;; WHEN: Wed Jan 06 05:30:15 UTC 2016
> ;; MSG SIZE rcvd: 43
>
> [root@idm ~]# dig @localhost blah.servers.lnx.ninja
>
> ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.1 <<>> @localhost
> blah.servers.lnx.ninja
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64481
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;blah.servers.lnx.ninja. IN A
>
> ;; ANSWER SECTION:
> blah.servers.lnx.ninja. 86400 IN A 10.10.10.1
>
> ;; AUTHORITY SECTION:
> servers.lnx.ninja. 86400 IN NS idm.servers.lnx.ninja.
>
> ;; ADDITIONAL SECTION:
> idm.servers.lnx.ninja. 1200 IN A 10.10.10.10
>
> ;; Query time: 0 msec
> ;; SERVER: ::1#53(::1)
> ;; WHEN: Wed Jan 06 05:30:32 UTC 2016
> ;; MSG SIZE rcvd: 101

Hello,

this is strange, but I do not have sufficient information right now. Please add the following information:

# list all configured DNS master zones
$ ipa dnszone-find

# list all DNS forward zones
$ ipa dnsforwardzone-find

# tell us exact RPM versions
$ rpm -q bind bind-dyndb-ldap ipa-server

Thank you.

--
Petr^2 Spacek