On Fri, Mar 8, 2019 at 4:48 PM Rob van Halteren via FreeIPA-users
<[email protected]> wrote:
>
> Oke may have found a probable cause for the stall of the the applications.
>
> I have 1 fileserver that has a ipa-client installed and is enroled on the
> ipa-server. It serves 3 nfs shares, one of them are home-directories.
> In the logs at times that the old replica is switched off , I see al lot of:
> kernel: lockd: cannot monitor client.local.ourdomain.example Messages.
>
> On the ipa-server I see a lot of:
> named-pkcs11[1718]: network unreachable resolving
> 'ns-1471.some.domain/AAAA/IN': 2001:500:e::1#53 kind of messages.
So either there used to be an additional DNS zone in your old IPA
instance that you didn't replicate on the new one (or the DNS
configuration does not match exactly), or there is some stale data in
the client or nfs servers.
You might want to list the dns zones in your soon-to-be-retired IPA replica.
Otherwise, I would shut down that old replica again and
wireshark/tcpdump that network traffic to determine what is going on.
> In named.conf
> // turns on IPv6 for port 53
> listen-on-v6 {any;};
> dnssec-enable yes;
> dnssec-validation yes;
>
> Wonder if it could be helpfull to change the config to force ipv4 only.
>
> any help appreciated.
>
>
> _______________________________________________
> FreeIPA-users mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedorahosted.org/archives/list/[email protected]
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
