On Wed, 2011-08-31 at 14:47 +0200, Martin Kosek wrote: > On Mon, 2011-08-15 at 14:20 +0200, Martin Kosek wrote: > > A new version of bind-dyndb-ldap has been released. Thanks to the new > > persistent search feature, the name server can immediately pull new DNS > > zones when they are created in IPA. > > > > Since the bind-dyndb-ldap plugin has not been released in F-15 yet, one > > has to use the provided src.rpm: > > > > http://mkosek.fedorapeople.org/bind-dyndb-ldap/srpm/bind-dyndb-ldap-0.2.0-5.fc17.src.rpm > > > > or rpms I built for x86_64 F-15: > > > > http://mkosek.fedorapeople.org/bind-dyndb-ldap/x86_64/ > > > > There is one setback though. When I investigated DNS persistent search > > behavior I still miss the ability to detect changes to the DNS zone > > itself. Adding a record (for example MX record) to the zone does not > > trigger an update of the zone in nameserver cache. We still have to wait > > for cache timeout (argument "cache_ttl"). We cannot therefore use this > > feature as a solution of: > > > > https://fedorahosted.org/freeipa/ticket/1114 > > https://fedorahosted.org/freeipa/ticket/1125 > > https://fedorahosted.org/freeipa/ticket/1126 > > > > Martin > > > > Sending a rebased version of the patch. It requires new bind-dyndb-ldap > version that Adam has just sent to the list. > > Martin
I would also like to add a hint for reviewers how to test: 1) Install refered bind-dyndb-ldap package 2) Configure FreeIPA with DNS using 2a) ipa-dns-install without any arguments to enable zone refresh (scenario A) 2b) ipa-dns-install --zone-notif to enable persistent search (scenario B) 3) Add new zone using "ipa dnszone-add $ZONE" 4) Use following command to see if the zone is already resolvable: $ dig -t soa $ZONE 4a) scenario A: the new zone does not have to be resolvable immediately, but in default number of seconds for zone refresh (defaults to 30) 4b) scenario B: the new zone should be immediately resolvable _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel