Hello list :-)

I'm currently working with some VMs in order to replicate a setup at work for which we want to use freeIPA.

Though I'm familiar with Linux in general, I'm a complete "newbie" as far as freeIPA is concerned.

Currently I have the following VMs running CentOS 7 in the network  <- I assume the netmask is the problem!

Server IPA1: fully configured with IPA:
Server IPA2: cloned from IPA1 when IPA software was installed but not configured:

Server A-CM: not yet IPA configured, shall be an IPA client
Server B-CM: not yet IPA configured, shall be an IPA client

So I used the following article as reference:


First thing I noticed was that there is no reverse zone automatically configured:


BIND DNS server will be configured to serve IPA domain with:


Reverse zone(s):  No reverse zone


After following the article until the first IPA server was set up, I noticed that the reverse lookup does not work:


Host not found: 3(NXDOMAIN)


I logged into the WebUI and tried to create the DNS reverse zone with CIDR notation "". The zone that was created was "0.128.in-addr.arpa.", which seems implausible since only - are managed by this DNS server.

Then I stumbled upon this (German) page: [ https://translate.google.de/translate?sl=de&tl=en&js=y&prev=_t&hl=de&ie=UTF-8&u=http%3A%2F%2Fwww.denniskoerner.de%2Fblog%2F2012%2F03%2F20%2Fhowto-delegation-von-reverse-dns-bei-cidr-netzen-kleiner-24-nach-rfc-2317%2F&edit-text=&act=url ]

which stated:
                "By the way, the delegation of networks larger than /24 is quite simple. If, for example, you want to delegate a /22 network, then you simply delegate the 4 /24 networks that make up the /22 network."

After removing the "0.128.in-addr.arpa." entry I tried to create the reverse zone for "" up to "" but freeIPA claimed that those would already exist.

Basically I hope that someone could help me out with the following questions:

1) What is the proper way to create a DNS zone (including reverse zone) for the network?

2) How do I list the present zones in order to verify if "" up to "" really do exist? (They are not listed in the WebUI)

3) Within the reverse zone "0.128.in-addr.arpa." I needed to create a PTR entry "91.209" for my server to have "host" perform the reverse lookup. Is that the way it is supposed to be?

4) Any good pointer about setting / combining this (freeIPA DNS) with DHCP? (I haven't googled for this, I must admit. Just thought of this while I was typing. So feel free to ignore question no. 4 if this is a "dumb" question and there are obvious results on google :-)

PS: I studied https://tools.ietf.org/html/rfc2317 but cannot figure out how to apply this in my scenario.

Thanks to everybody for their time reading and answering!



FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
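
An added example, not part of the original post and not FreeIPA code: it computes the octet-boundary `in-addr.arpa.` zones that cover an IPv4 network of /24 or larger, as in the quoted /22 statement, and the PTR record name relative to a given zone. The network `128.0.208.0/22` is constructed for illustration; the address `128.0.209.91` is assumed from the zone and PTR name in the post; the function names are hypothetical.

```python
import ipaddress


def reverse_zones(cidr):
    """Return the in-addr.arpa zones on octet boundaries covering an IPv4 network."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4:
        raise ValueError("IPv4 only")
    if net.prefixlen > 24:
        # Networks smaller than /24 need RFC 2317 classless delegation instead.
        raise ValueError("prefix longer than /24 is not handled here")
    # Round the prefix length up to the next octet boundary (/8, /16 or /24).
    boundary = max(8, -(-net.prefixlen // 8) * 8)
    zones = []
    for sub in net.subnets(new_prefix=boundary):
        octets = str(sub.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa.")
    return zones


def ptr_name(ip, zone):
    """Return the PTR record name for ip, relative to the reverse zone."""
    full = ipaddress.ip_address(ip).reverse_pointer + "."
    suffix = "." + zone
    if not full.endswith(suffix):
        raise ValueError(f"{ip} is not inside {zone}")
    return full[: -len(suffix)]


if __name__ == "__main__":
    # Constructed /22: four /24 reverse zones, one per third octet.
    for z in reverse_zones("128.0.208.0/22"):
        print(z)
    # A /16 maps to a single zone, the one named in the post.
    print(reverse_zones("128.0.0.0/16"))
    # The record name depends on which zone holds it.
    print(ptr_name("128.0.209.91", "0.128.in-addr.arpa."))
    print(ptr_name("128.0.209.91", "209.0.128.in-addr.arpa."))
```
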
