[root@freeipa ~]# ipa dnszone-find Zone name: 51.10.in-addr.arpa. Authoritative nameserver: freeipa.test.nsslabs.com. Administrator e-mail address: hostmaster.test.nsslabs.com. SOA serial: 1382863622 SOA refresh: 3600 SOA retry: 900 SOA expire: 1209600 SOA minimum: 3600 Active zone: TRUE Allow query: any; Allow transfer: none;
Zone name: test.nsslabs.com Authoritative nameserver: freeipa.test.nsslabs.com. Administrator e-mail address: hostmaster.test.nsslabs.com. SOA serial: 1382950803 SOA refresh: 3600 SOA retry: 900 SOA expire: 1209600 SOA minimum: 3600 Active zone: TRUE Allow query: any; Allow transfer: none; ---------------------------- Number of entries returned 2 ---------------------------- On 28 October 2013 15:43, Andrew Holway <andrew.hol...@gmail.com> wrote: > Sorry, I didn't mean to sent the last mail. However the FreeIPA has > correctly set reverse and forward DNS. I have trimmed it up a bit for > clarity. > > Forward DNS for this host is working but reverse DNS is not: > > [root@freeipa ~]# dig node002.test.nsslabs.com @localhost > > ;; QUESTION SECTION: > ;node002.test.nsslabs.com. IN A > ;; ANSWER SECTION: > node002.test.nsslabs.com. 1200 IN A 10.51.102.2 > ;; AUTHORITY SECTION: > test.nsslabs.com. 86400 IN NS freeipa.test.nsslabs.com. > ;; ADDITIONAL SECTION: > freeipa.test.nsslabs.com. 1200 IN A 10.51.101.23 > > [root@freeipa ~]# dig 10.51.102.2 @localhost > > ;; QUESTION SECTION: > ;10.51.102.2. IN A > ;; AUTHORITY SECTION: > . 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2013102800 > 1800 900 604800 86400 > > The FreeIPA server has correctly set reverse and forward DNS. > > [root@freeipa ~]# dig freeipa.test.nsslabs.com @localhost > ;; QUESTION SECTION: > ;freeipa.test.nsslabs.com. IN A > ;; ANSWER SECTION: > freeipa.test.nsslabs.com. 1200 IN A 10.51.101.23 > ;; AUTHORITY SECTION: > test.nsslabs.com. 86400 IN NS freeipa.test.nsslabs.com. > > [root@freeipa ~]# dig -x 10.51.101.23 @localhost > ;; QUESTION SECTION: > ;23.101.51.10.in-addr.arpa. IN PTR > ;; ANSWER SECTION: > 23.101.51.10.in-addr.arpa. 86400 IN PTR freeipa.test.nsslabs.com. > ;; AUTHORITY SECTION: > 51.10.in-addr.arpa. 86400 IN NS freeipa.test.nsslabs.com. > ;; ADDITIONAL SECTION: > freeipa.test.nsslabs.com. 1200 IN A 10.51.101.23 > > > This host has no reverse or forward DNS set up. But it IS enrolled in freeIPA. > > [root@freeipa ~]# dig node001.swim1.test.nsslabs.com @localhost > > ;; QUESTION SECTION: > ;node001.swim1.test.nsslabs.com. IN A > ;; AUTHORITY SECTION: > test.nsslabs.com. 3600 IN SOA freeipa.test.nsslabs.com. > hostmaster.test.nsslabs.com. 1382950803 3600 900 1209600 3600 > > > [root@freeipa ~]# dig -x 10.51.102.2 @localhost > > ;; QUESTION SECTION: > ;2.102.51.10.in-addr.arpa. IN PTR > ;; AUTHORITY SECTION: > 51.10.in-addr.arpa. 3600 IN SOA freeipa.test.nsslabs.com. > hostmaster.test.nsslabs.com. 1382863622 3600 900 1209600 3600 _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users