Hi, I search the threads but was not able to find an answer, I apologies if my question is trivial.
I have a very simple free ipa setup with two ipa servers in two different networks in two different locations. The second one was created using the following commands: 1) ipa-client-install --mkhomedir --no-ntp --enable-dns-updates to join the server to the domain 2) ipa-replica-install --setup-dns --no-forwarder --setup-ca I have a DNS global configuration setup with public dns configured and forward first option set. I have no forwarder defined at the individual level for dns server. I have no forward zones defined However my replica does not seems to be able to forward dns request to public DNS for dfomains outside my inernal domain. It needs the other freeipa server which is problematic when I have a connexion loss between the two location. Nslookup exemples: user> nslookup google.com 10.178.127.3 (initial freeip server) Server: 10.178.127.3 Address: 10.178.127.3#53 Non-authoritative answer: Name: google.com Address: 172.217.20.206 Name: google.com Address: 2a00:1450:4007:810::200e user> nslookup google.com 192.168.0.3 (replica server) Server: 192.168.0.3 Address: 192.168.0.3#53 ** server can't find google.com: REFUSED I do not know what I did wrong, when I read the documentation it seems to be the default behaviour for a server, replica or not to forward request for domain they do not manage. Any suggestions will be appreciated. -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
