On 10.2.2012 16:42, Martin Kosek wrote:
On Tue, 2012-02-07 at 16:26 +0100, Martin Kosek wrote:
On Mon, 2012-02-06 at 15:56 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2012-01-30 at 11:52 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
Adding reverse DNS record may be a time consuming task, especially
for IPv6 addresses. Having a way to automatically create a reverse
record when a forward record is created could speed up the process.
host-add command already has this possibility.
This patch takes advantage of the new per-type API and adds new
options for A/AAAA record types: --a-create-reverse and
--aaaa-create-reverse. These commands can be used to automatically
create reverse records for new A/AAAA addresses (both forward
and reverse zones need to be managed by FreeIPA server):
ipa dnsrecord-add example.com foo --a-rec=10.0.0.1 --a-create-reverse
This command would add a new A record to record foo in zone
example.com and a PTR record to appropriate reverse zone for
IP address 10.0.0.1 (for example PTR record 1 in zone
0.0.10.in-addr.arpa. pointing to foo.example.com.).
Few modification were done to new DNS API to support this feature:
- Refactor --ip-address option handling from host-add and place it
to dns.py to be used by both modules
- Add support for "extra" per-type options
- Hide DNS record part options in dnsrecord_find command as they
have no effect for this command
https://fedorahosted.org/freeipa/ticket/2009
Can the options -a-create-reverse and -aaaa-create-reverse be combined?
I was able to create an IPv4 addr using -aaaa-create-reverse:
# ipa dnsrecord-add example.com baz --a-rec=192.168.166.115
--aaaa-create-reverse
Record name: baz
A record: 192.168.166.115
Otherwise the patch seems fine.
These 2 options can be combined, you can add both A and AAAA forward
records and create records in their reverse records at the same time:
ipa dnsrecord-add example.com bar --a-rec=10.0.0.1 --a-create-reverse
--aaaa-rec=2001::beef:1 --aaaa-create-reverse
In your case the option --aaaa-create-reverse is ignored as there is no
AAAA rec added. Thus no AAAA record callback which would create this
reverse record is called.
We may implement some checks which would throw a validation error when
--a-create-reverse/--aaaa-create-reverse is called without a respective
A/AAAA record.
Martin
Yes, I think that is the way to go, otherwise this is confusing.
rob
Now, an exception is thrown if you try to pass --<rrtype>-create-reverse
without an appropriate --<rrtype>-rec option filled:
# ipa dnsrecord-add example.com baz --a-rec=192.168.166.115
--aaaa-create-reverse
ipa: ERROR: 'aaaarecord' is required
I also refactored pre_callback of dnsrecord-add command a little, I
didn't like parsing<rrtype> from parameter name using regexes. Now,
every DNS part option has a link to "parent" DNS record stored in hint
attribute.
Martin
Petr Vobornik noticed that reserved IP address passed to --a-rec
(--aaaa-rec) causes an Internal Error when --a-create-reverse is set at
the same time:
# ipa dnsrecord-add example.com foo --aaaa-ip-address=F:F:F:A::12
--aaaa-create-reverse
ipa: ERROR: an internal error has occurred
Attached patch fixes it:
# ipa dnsrecord-add example.com foo --aaaa-ip-address=F:F:F:A::12
--aaaa-create-reverse
ipa: ERROR: invalid 'aaaarecord': cannot use IANA reserved IP address
Martin
I would prefer if there was a single --create-reverse option for both A
and AAAA records, as it IMO makes more sense from user's point of view.
What do you think?
Honza
--
Jan Cholasta
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
