On Sun, Oct 20, 2013 at 11:44 PM, Petr Spacek <pspa...@redhat.com> wrote:

> On 18.10.2013 21:44, Stephen Ingram wrote:
>> I'm using IPA 3.0.x on RHEL 6.4 and trying to setup other zones in DNS. I
>> notice that regardless of the TTL set in the SOA for the zone, the
>> individual records default to 86400. I see there has been previous
>> discussion on the list (
>> https://www.redhat.com/**archives/freeipa-users/2012-**
>> November/msg00158.html<https://www.redhat.com/archives/freeipa-users/2012-November/msg00158.html>
>> )
>> saying that the 86400 value is hard-coded into bind-dyndb-ldap. It appears
>> as though it might be rectified sometime in the 3.3.x series, however, I'm
>> wondering if there is a workaround for now. Is there a way to just delete
>> this value such that the individual records will default to the value in
>> the SOA until a real fix comes along?
> For now, the only workaround is to set TTL explicitly for all affected DNS
> names. Sorry!
> $ ipa dnsrecord-mod --help | grep ttl
>   --ttl=INT             Time to live
> The most important thing is that SOA TTL is not related to default record
> TTL by definition.
> Some details are described here:
> https://www.redhat.com/**archives/freeipa-users/2012-**
> November/msg00160.html<https://www.redhat.com/archives/freeipa-users/2012-November/msg00160.html>

Am I reading this correctly then that you have to set for each *record* vs
the *zone*. If so, this makes the DNS part of IPA almost unusable except to
those willing to stick with the default 86400 or write a script to handle
each record in the zone. I've been following the list for some time, but
haven't heard much about usage of the DNS component. And, among the users I
speak with no one uses the DNS component. Perhaps this is the reason why? I
haven't looked at the code yet, but would this be that difficult to fix?  I
would love to get this working as I think IPA would be great for DNS,
especially with distributed management through the UI.

Freeipa-users mailing list

Reply via email to