Forward DNS for this host is working but reverse DNS is not: [root@freeipa ~]# dig node002.test.nsslabs.com @localhost
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> node002.test.nsslabs.com @localhost ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9260 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;node002.test.nsslabs.com. IN A ;; ANSWER SECTION: node002.test.nsslabs.com. 1200 IN A 10.51.102.2 ;; AUTHORITY SECTION: test.nsslabs.com. 86400 IN NS freeipa.test.nsslabs.com. ;; ADDITIONAL SECTION: freeipa.test.nsslabs.com. 1200 IN A 10.51.101.23 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Oct 28 04:30:28 2013 ;; MSG SIZE rcvd: 96 [root@freeipa ~]# dig 10.51.102.2 @localhost ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> 10.51.102.2 @localhost ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57193 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;10.51.102.2. IN A ;; AUTHORITY SECTION: . 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2013102800 1800 900 604800 86400 ;; Query time: 153 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Oct 28 04:30:39 2013 ;; MSG SIZE rcvd: 104 On 28 October 2013 15:33, Andrew Holway <andrew.hol...@gmail.com> wrote: > Here is some info from FreeIPA . . . > > [root@freeipa ~]# ipa host-show > > Host name: node002.test.nsslabs.com > > Host name: node002.test.nsslabs.com > > Certificate: > MIIDrzCCApegAwIBAgIBETANBgkqhkiG9w0BAQsFADA7MRkwFwYDVQQKExBURVNULk5TU0xBQlMuQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTMxMDI4MDkwMDAxWhcNMTUxMDI5MDkwMDAxWjA+MRkwFwYDVQQKExBURVNULk5TU0xBQlMuQ09NMSEwHwYDVQQDExhub2RlMDAyLnRlc3QubnNzbGFicy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBNjwG219iSyJ7f8TVjoIUN8Wtk3WfaCTEW43d534UDCsC4e5pd/dsOqsCk+NqVf6u6SA80ZFnZp/z7ULoY9rm/+IRBY2M/ofu8PHVZ2wu33/4RhW9FXORh51rSaklefs3ZAgo+Ra2aiEdsm4vSk4+0f3dUnbtoqg6bkK0NHjUEkof/7EyM+WLhXUIfXnyFFu3gnHzqntX/SbybgtG8AuDSkm07LLnbY354u28OPE+DLaGgYPqZmuvdHVAEWu8i2uCywOyf3yHuFA59UjZclb7IQZ0qvm8GUUJjidFOfmgBSueyTUs+JvojYu2Z+roqwJpFY60oiSwMQw3fuHh/UqFAgMBAAGjgbowgbcwHwYDVR0jBBgwFoAUxjS+P9INb5f52vII8K8H9v8NqaUwRgYIKwYBBQUHAQEEOjA4MDYGCCsGAQUFBzABhipodHRwOi8vZnJlZWlwYS50ZXN0Lm5zc2xhYnMuY29tOjgwL2NhL29jc3AwDgYDVR0PAQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUt6Eh8e4si95/Q/CbzbbAB5cESVUwDQYJKoZIhvcNAQELBQADggEBAK5OQe2jPdzTJZTizgLE8AMSlw9NWVCY0bLh4HbbIhazFo++FOlA! rRf8AfwukmFdv97JEy3wDWDccxQXBC+8/tmIP3TeILcLAwEmdmSynKXOvhQ97+EGNmQRO9uXLo1C5ognxUiDbjmXYWkMRjJFLzBvqbA4veRekgvS27faZa0lTTxygk2hrbcMyVN6MHGLdX07EMgSa6IkIUZ+TdLZwMep9IK6CtoJelTjDP0JIy3n5DBVzJ+C0GZ0XUyUE6vXFcpuvyGY4ckQHf1sEbWFcRmJsxsweAgGwol2GJAWa7vZJlTVJZOMgV8fO0aK0Y8kl/KHN+ycxWFQyxZ3njDPn6g= > > Principal name: host/node002.test.nsslabs....@test.nsslabs.com > > Password: False > > Keytab: True > > Managed by: node002.test.nsslabs.com > > Subject: CN=node002.test.nsslabs.com,O=TEST.NSSLABS.COM > > Serial Number: 17 > > Serial Number (hex): 0x11 > > Issuer: CN=Certificate Authority,O=TEST.NSSLABS.COM > > Not Before: Mon Oct 28 09:00:01 2013 UTC > > Not After: Thu Oct 29 09:00:01 2015 UTC > > Fingerprint (MD5): d4:d7:fa:14:31:0a:71:70:c9:62:43:65:ab:c5:09:93 > > Fingerprint (SHA1): > d2:72:8d:20:4b:c7:e5:a8:2d:bc:f9:e7:ca:c0:9b:f5:d9:53:c6:74 > > SSH public key fingerprint: > 28:24:23:6C:6D:42:22:8A:38:10:C8:00:5B:11:43:F4 (ssh-dss), > 43:3E:0A:E3:17:26:89:8B:6E:D3:66:FA:67:6D:CA:76 (ssh- > > rsa) > > [root@freeipa ~]# ipa host-show > > Host name: node001.swim1.test.nsslabs.com > > Host name: node001.swim1.test.nsslabs.com > > Certificate: > MIIDtTCCAp2gAwIBAgIBEDANBgkqhkiG9w0BAQsFADA7MRkwFwYDVQQKExBURVNULk5TU0xBQlMuQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTMxMDI4MDg1MjM0WhcNMTUxMDI5MDg1MjM0WjBEMRkwFwYDVQQKExBURVNULk5TU0xBQlMuQ09NMScwJQYDVQQDEx5ub2RlMDAxLnN3aW0xLnRlc3QubnNzbGFicy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyLPK9JKLZLuDoecKehT9MZnBeaJqHzF6nC+JhXd6wf5Kcy7WyVCVgWxchnvMo0x0CPN5mRDfHUpsT3MRILmRl/0OGgPft4Tl5X27kwfORT3/YPQVohclR2xS3RRZUTsuPlY6L2If02DL6wauWKzfVxASHB43JKLoTOA5GnM9CBGirs6R3yiNW0ow41kKslM6mwAXCwh7bSMRmBd43T3bvtFGLAMqKzn4t+v0ezaFSRvXeVPUeK4Mt8ZhzQ/FwMVW2HT3og2TBgIbCnk/U6R1Syyic7OvNWiODXHoepcQgYXv/G3kt2bqqyO7JJZkznGskF8TRQga1rnpHs1bYkGEFAgMBAAGjgbowgbcwHwYDVR0jBBgwFoAUxjS+P9INb5f52vII8K8H9v8NqaUwRgYIKwYBBQUHAQEEOjA4MDYGCCsGAQUFBzABhipodHRwOi8vZnJlZWlwYS50ZXN0Lm5zc2xhYnMuY29tOjgwL2NhL29jc3AwDgYDVR0PAQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUAKXs8vW7guBvh0XhWUXS26j2zJswDQYJKoZIhvcNAQELBQADggEBAJWW5ZFYGEtGLxhBeutryfMpU/R83/zxpgG6TpvJS/v4! ODANLLz+cqN8J9Ogna/wnprrYleUuhxgAvYVIyYInpt+N765g2fKMDlS1CCrfxt4F8wgG7WpN4ZzcE7roa5pYa7CP9DRupXyZfUjbFxCbYixS3zV/CU9lddlt9OJWRnPksbr6jKVAfStWnL9e5DVbOeXSuQwIbDScRLkVL7Po/z1eZATZsAMtdOLhciTId157k9hxOPn1DCyh31Z70JiXFiVL+FazljxzMMyfPCdsvKKHhjTednMBgfwRqtBtA/Hf7LjjWqiaR12y0qOQyNmZ8ylu+1sxRqUv78t6ljVRvc= > > Principal name: host/node001.swim1.test.nsslabs....@test.nsslabs.com > > Password: False > > Keytab: True > > Managed by: node001.swim1.test.nsslabs.com > > Subject: CN=node001.swim1.test.nsslabs.com,O=TEST.NSSLABS.COM > > Serial Number: 16 > > Serial Number (hex): 0x10 > > Issuer: CN=Certificate Authority,O=TEST.NSSLABS.COM > > Not Before: Mon Oct 28 08:52:34 2013 UTC > > Not After: Thu Oct 29 08:52:34 2015 UTC > > Fingerprint (MD5): ef:7f:11:54:a4:99:3c:58:f9:c8:5f:1c:2f:8e:a0:a3 > > Fingerprint (SHA1): > 87:2b:37:e0:c8:7b:54:62:a1:6f:ae:fa:7b:2a:f6:a4:3a:c6:5c:c4 > > SSH public key fingerprint: > B8:44:2F:2E:DC:4E:BF:BE:15:00:25:80:3B:A9:1D:5E (ssh-dss), > 05:11:9B:EE:D0:7A:BA:9D:BA:48:18:82:84:8F:25:82 (ssh-rsa) > > On 28 October 2013 15:20, Rob Crittenden <rcrit...@redhat.com> wrote: >> Andrew Holway wrote: >>> >>> Hello, >>> >>> I have created two DNS resource records. 51.10.in-addr.arpa. and >>> test.domain.com. It seems that it does not like to use the >>> 51.10.in-addr.arpa. for addresses. Must I specify each /24? In >>> addition, if I am adding a host node.subdomain.test.nsslabs.com. It >>> does not like this either. Must I specify a record for each subdomain? >>> Am I missing a * somewhere? >> >> >> Can you be more specific about what you're seeing? >> >> rob >> _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users