On Wed, 2012-04-18 at 12:34 -0400, Dmitri Pal wrote:
> And this all complexity for the case when we want to support not IPA
> based DNS slaves. Is this correct? If so is it really a big use case
> something that must be solved?
Yes, I think we need to allow zone transfers. they are used not just for
slaves but for other functions too.
> May be instead we should focus on the IPA DNS slave configuration that
> does not have anything other than read only DS and a DNS server that
> would get the data over ldap instead of the DNS transfers.
> Would that be a reasonable alternative?
Would be a much bigger job imo.
> I see a lot of complexity and challenges for a use case that might not
> be that significant and can be solved in a different way.
It's easier and much more flexible to support the standard zone transfer
mechanism. The matter is complex, but the actual technical solution will
not be a lot of code.
Simo Sorce * Red Hat, Inc * New York
Freeipa-devel mailing list