Good morning

What, if anything, would cause a TTL to be different in a DNS config for IPA?

;; ADDITIONAL SECTION:       1200    IN    A       1200    IN    A      86400    IN    A     86400    IN    A

And yet, if I update system records, they all show the same 86400 when they were updated?

Question - if you are using the "location" function, would this possibly be related, that values are updated dynamically based on the host I am running "dig"  from is in a different location?

The other question is - how to keep IPA DNS from trying to forward a lookup.

Trying to add a replica, and Host "A" is already set as a client and working fine. It can only talk to IPA server "C". "C" is also set in resolv.conf as nameserver. When you try to add the replica however, it tries to resolve by way of using "c1" as the DNS resolver, which I don't understand why?

ipa         : DEBUG    Check forward/reverse DNS resolution
ipa         : DEBUG    Search DNS server (['', '', '']) for ipa         : ERROR    Could not resolve hostname using DNS. Clients may not function properly. Please check your DNS setup. (Note that this check queries IPA DNS directly and ignores /etc/hosts.)

DIG works fine for resolution:

# dig +short

So I am baffled. Is there something in DNS settings of IPA that would cause a server to forward to another server? (forwarding is disabled)


FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to