On 07/22/2014 08:00 AM, Mark Heslin wrote:
Martin, Petr,
I didn't see that missing dot "." - good catch. As always the devil is
in the details :-)
Two follow up questions:
1. I've set the priority and weighting equally here but I will add a
third host
so would it make sense to just set both priority and weight to
"0" for all three hosts?:
# ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
foo1.example.com."
# ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
foo2.example.com."
# ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 0 53
foo3.example.com."
2. To Petr's point about registering the "_foo.tcp" service. By
definition this isn't really
a true "service" and more like "CNAME with benefits". (Sorry,
couldn't resist the bad dating reference ;-))
Do I actually still need to add this to /etc/services? If so,
then I'd have to do that for
all hosts in the environment, IdM servers, clients, etc., correct?
Truth be told, this is just being used for an alternative to a
true h/w, s/w load balancer
for demonstration purposes so I'm sure adding it to the services
file makes sense.
Gah! I meant to say I'm *not* sure adding it to the services file makes
sense.
Thank you both!
-m
On 07/22/2014 03:16 AM, Petr Spacek wrote:
On 22.7.2014 00:13, Mark Heslin wrote:
Hi All,
I had some off-list exchanges with Petr Spacek on this but am still
trying to
work out the correct syntax.
I have 2 hosts:
- foo1.example.com
- foo2.example.com
and would like to create a round-robin DNS srv record for both called
foo.example.com
I already have DNS entries for both hosts in IPA:
# ipa dnsrecord-show example.com foo1
Record name: foo1
A record: 10.0.0.1
# ipa dnsrecord-show example.com foo2
Record name: foo2
A record: 10.0.0.2
I'd like to get the correct syntax for adding the srv record for foo.
My understanding is that it should be something like this:
# ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
foo1.example.com"
Record name: _foo.tcp
SRV record: 0 50 53 foo1.example.com
# ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
foo2.example.com"
Record name: _foo.tcp
SRV record: 0 50 53 foo2.example.com
which seemed to be added ok but on second glance I think not:
# host -t srv _foo.tcp.example.com
_foo.tcp..example.com has SRV record 0 50 53
foo1.example.com.example.com.
_foo.tcp..example.com has SRV record 0 50 53
foo2.example.com.example.com.
In looking over the description of rfc2782
<http://en.wikipedia.org/wiki/SRV_record> it appears the IPA syntax
is a
little different,
I don't think so :-)
Please note the trailing dot in "target" part of
http://en.wikipedia.org/wiki/SRV_record#Record_format.
IPA behaves in the same way as BIND 9: All domain names without
trailing dot are automatically extended with zone origin, i.e.
"example.com.".
You have two options:
# ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53 foo1"
(DNS server will automatically append "example.com.")
or
# ipa dnsrecord-add example.com _foo.tcp --srv-rec="0 50 53
foo1.example.com."
(please note the trailing dot)
Another note is about "_foo". "foo" should be "service name"
according to
http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
It will probably not cause any problems if you invent your own name
(preferably prefixed with x- to avoid collisions in future, e.g.
"_x-foo"), but it will not hurt you if you register your protocol
into the registry :-)
See http://tools.ietf.org/html/rfc6335
and the documentation is scarce so admittedly I'm taking a swag at
this ;-)
I can do this fine without srv but don't have enough familiarity
with DNS srv
here.
Can anyone help clarify what I'm missing? I'd like to have equal
weighting,
priority
to both hosts - I'm assuming the port (53) is correct for DNS here
as well.
What are you trying to achieve? The port number refers to port used
by your application, not to DNS.
--
Red Hat Reference Architectures
Follow Us: https://twitter.com/RedHatRefArch
Plus Us: https://plus.google.com/u/0/b/114152126783830728030/
Like Us: https://www.facebook.com/rhrefarch
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project