On 03/06/16 08:06, Petr Spacek wrote:
On 2.6.2016 18:30, lejeczek wrote:
hi users,
I do (all on IPA server)
$ host 10.5.6.100
Host 100.6.5.10.in-addr.arpa. not found: 3(NXDOMAIN)
I do:
$ host 10.5.6.17
17.6.5.10.in-addr.arpa domain name pointer ......
I do:
$ ipa dnsrecord-find 5.10.in-addr.arpa
Record name: @
NS record: rider.private.dom., swir.private.dom.,
work5.private.dom.
Record name: 19.10
PTR record: work1.private.dom.
Record name: 23.10
PTR record: work5.private.dom.
Record name: 100.6
PTR record: rider.private.dom.
Record name: 17.6
PTR record: dzien.private.dom.
Record name: 32.6
PTR record: swir.private.dom.
----------------------------
Number of entries returned 6
dig also find these records.
this is probably why replica fails with:
ipa.ipapython.install.cli.install_tool(Replica): ERROR Unable to resolve
the IP address 10.5.6.100 to a host name, check /etc/hosts and DNS name
resolution
must be something trivial?
Likely :-) It could have multiple reasons.
E.g. DNS delegation from parent domain could be broken which could cause this
etc.
Please try commands
$ dig -x <IP address> PTR
and
$ dig -x <IP address> SOA
and post their output, preferably without redacting it because the attempt to
hind real names often hide the root cause. I will have a look.
hi Petr
I have to redact, but I do it programmaticaly.
I think it happened after addition of second(last) replica,
I initially installed server with 5.10.in-addr.arpa.
Now I do:
$ ipa dnszone-find
Zone name: 5.10.in-addr.arpa.
Active zone: TRUE
Authoritative nameserver: rider.private.dom.
Administrator e-mail address: hostmaster.private.dom.
SOA serial: 1464884896
SOA refresh: 3600
SOA retry: 900
SOA expire: 1209600
SOA minimum: 3600
Allow query: any;
Allow transfer: none;
Zone name: 10.5.10.in-addr.arpa.
Active zone: TRUE
Authoritative nameserver: work5.private.dom.
Administrator e-mail address: hostmaster.private.dom.
SOA serial: 1464489313
SOA refresh: 3600
SOA retry: 900
SOA expire: 1209600
SOA minimum: 3600
Allow query: any;
Allow transfer: none;
Zone name: 6.5.10.in-addr.arpa.
Active zone: TRUE
Authoritative nameserver: swir.private.dom.
Administrator e-mail address: hostmaster.private.dom.
SOA serial: 1464880660
SOA refresh: 3600
SOA retry: 900
SOA expire: 1209600
SOA minimum: 3600
Allow query: any;
Allow transfer: none;
Zone name: private.dom.
Active zone: TRUE
Authoritative nameserver: rider.private.dom.
Administrator e-mail address: hostmaster.private.dom.
SOA serial: 1464884764
SOA refresh: 3600
SOA retry: 900
SOA expire: 1209600
SOA minimum: 3600
Allow query: any;
Allow transfer: none;
----------------------------
Number of entries returned 4
----------------------------
and I dag "any" type of record and misread it, there is no
ptr record returned, I could not get how delegation can be
involved here.
It's IPA(rider is the first server) own 5.10.in-addr.arpa.
And rider sees 10.5.6.32 10.5.6.17 etc. but not it's own
record, which according to:
$ ipa dnsrecord-find 5.10.in-addr.arpa
exists:
Record name: 100.6
PTR record: rider.private.dom.
$ dig -x 10.5.6.100 +qr soa
;; QUESTION SECTION:
;100.6.5.10.in-addr.arpa. IN SOA
;; AUTHORITY SECTION:
6.5.10.in-addr.arpa. 0 IN SOA rider.private.dom.
hostmaster.private.dom. 1464880660 3600 900 1209600 3600
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
$ dig -x 10.5.6.100 +qr ptr
;; QUESTION SECTION:
;100.6.5.10.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
6.5.10.in-addr.arpa. 3600 IN SOA rider.private.dom.
hostmaster.private.dom. 1464880660 3600 900 1209600 3600
;; Query time: 1 msec
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
