[Freeipa-users] DNS Delegation

Thu, 30 Jul 2020 16:05:43 -0700 

I'm having an issue delegating a subdomain. My domain is cloud.chx and I
ran the following.

ipa dnsrecord-add cloud.chx dc1.ad --a-rec=192.168.1.253
ipa dnsrecord-add 1.168.192.in-addr.arpa. 253 --ptr-rec=dc1.ad.cloud.chx.
ipa dnsrecord-add cloud.chx ad --ns-rec=dc1.ad.cloud.chx.


I checked and it's in the config

[root@ipa1 ~]# dig axfr cloud.chx | grep ad
ad.cloud.chx. 86400 IN NS dc1.ad.cloud.chx.
dc1.ad.cloud.chx. 86400 IN A 192.168.1.253


But when I query, it doesn't return what I expected.

[root@ipa1 ~]# dig dc1.ad.cloud.chx NS

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> dc1.ad.cloud.chx NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15346
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dc1.ad.cloud.chx. IN NS

;; Query time: 27 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jul 30 15:48:03 PDT 2020
;; MSG SIZE  rcvd: 45


The other DNS server is up and running.

[root@ipa1 ~]# dig @192.168.1.253 dc1.ad.cloud.chx

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> @192.168.1.253
dc1.ad.cloud.chx
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64777
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;dc1.ad.cloud.chx. IN A

;; ANSWER SECTION:
dc1.ad.cloud.chx. 3600 IN A 192.168.1.253

;; Query time: 1 msec
;; SERVER: 192.168.1.253#53(192.168.1.253)
;; WHEN: Thu Jul 30 15:59:21 PDT 2020
;; MSG SIZE  rcvd: 61


This is worth noting that adding +norec works.

[root@ipa1 ~]# dig dc1.ad.cloud.chx NS +norec

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> dc1.ad.cloud.chx NS
+norec
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36273
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dc1.ad.cloud.chx. IN NS

;; AUTHORITY SECTION:
ad.cloud.chx. 86400 IN NS dc1.ad.cloud.chx.

;; ADDITIONAL SECTION:
dc1.ad.cloud.chx. 86400 IN A 192.168.1.253

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jul 30 15:59:39 PDT 2020
;; MSG SIZE  rcvd: 75

Is there anything I'm missing?


---

Christian Hernandez, RHCE

Principal Technical Marketing Manager - Cloud Platforms

Red Hat, Inc <https://www.redhat.com/>

[email protected]

Mobile: 626.502.8310

Slack:  chernand
<https://www.redhat.com/>

_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/[email protected]

Reply via email to