Martin Kosek wrote:
On Mon, 2012-02-20 at 14:34 +0100, Martin Kosek wrote:
On Fri, 2012-02-10 at 16:42 +0100, Martin Kosek wrote:
On Tue, 2012-02-07 at 16:26 +0100, Martin Kosek wrote:
On Mon, 2012-02-06 at 15:56 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2012-01-30 at 11:52 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
Adding reverse DNS record may be a time consuming task, especially
for IPv6 addresses. Having a way to automatically create a reverse
record when a forward record is created could speed up the process.
host-add command already has this possibility.

This patch takes advantage of the new per-type API and adds new
options for A/AAAA record types: --a-create-reverse and
--aaaa-create-reverse. These commands can be used to automatically
create reverse records for new A/AAAA addresses (both forward
and reverse zones need to be managed by FreeIPA server):

ipa dnsrecord-add foo --a-rec= --a-create-reverse

This command would add a new A record to record foo in zone and a PTR record to appropriate reverse zone for
IP address (for example PTR record 1 in zone pointing to

Few modification were done to new DNS API to support this feature:
    - Refactor --ip-address option handling from host-add and place it
      to to be used by both modules
    - Add support for "extra" per-type options
    - Hide DNS record part options in dnsrecord_find command as they
      have no effect for this command

Can the options -a-create-reverse and -aaaa-create-reverse be combined?
I was able to create an IPv4 addr using -aaaa-create-reverse:

# ipa dnsrecord-add baz --a-rec=
     Record name: baz
     A record:

Otherwise the patch seems fine.

These 2 options can be combined, you can add both A and AAAA forward
records and create records in their reverse records at the same time:

ipa dnsrecord-add bar --a-rec= --a-create-reverse
--aaaa-rec=2001::beef:1 --aaaa-create-reverse

In your case the option --aaaa-create-reverse is ignored as there is no
AAAA rec added. Thus no AAAA record callback which would create this
reverse record is called.

We may implement some checks which would throw a validation error when
--a-create-reverse/--aaaa-create-reverse is called without a respective
A/AAAA record.


Yes, I think that is the way to go, otherwise this is confusing.


Now, an exception is thrown if you try to pass --<rrtype>-create-reverse
without an appropriate --<rrtype>-rec option filled:

# ipa dnsrecord-add baz --a-rec= 
ipa: ERROR: 'aaaarecord' is required

I also refactored pre_callback of dnsrecord-add command a little, I
didn't like parsing<rrtype>  from parameter name using regexes. Now,
every DNS part option has a link to "parent" DNS record stored in hint


Petr Vobornik noticed that reserved IP address passed to --a-rec
(--aaaa-rec) causes an Internal Error when --a-create-reverse is set at
the same time:

# ipa dnsrecord-add foo --aaaa-ip-address=F:F:F:A::12 
ipa: ERROR: an internal error has occurred

Attached patch fixes it:

# ipa dnsrecord-add foo --aaaa-ip-address=F:F:F:A::12 
ipa: ERROR: invalid 'aaaarecord': cannot use IANA reserved IP address


I rebased the patch for the lastest ipa-2-2 version. There was a
conflict with ssh patches that were pushed recently.


Another rebase to current version (my DNS patches 195-199 were pushed).


ACK, works for me.


Freeipa-devel mailing list

Reply via email to