Hi, The zones are on both servers, just not all records are, this has a reason. One server is maintained by a script, the other one only forwards to it if needed.
The idea is that it does a local lookup, when it doesn't find the record locally, it forwards to it's forwarder to see if it has an "answer". I thought this was working but isn't and following your table it should. What are my options ? Thanks, Matt 2015-06-29 11:20 GMT+02:00 Petr Spacek <pspa...@redhat.com>: > On 27.6.2015 19:06, Matt . wrote: >> Hi All, >> >> When I add a forwarder with policy to forward first, there is only >> forwarder and not a fallback to local when the record doesn't exist on >> the forward server. >> >> When I remove the forwardserver, the local lookup works great again. >> >> Is this known to 3.0 servers or has it been a bug or am I doing somethin >> wrong ? > > Forwarders in FreeIPA behave in the same way as in BIND 9.9 and the behavior > you describe seems to be okay. > > The behavior is summarized in a nice table here: > http://www.freeipa.org/page/V4/Forward_zones#Use_Cases > > In other words, there is no thing like 'look into this zone and look into that > zone if the first zone does not contain an answer'. Such behavior would break > the very basic principle of DNS - division to independent, self-contained > zones. What are you trying to achieve? What is the use-case? > > Please note that in FreeIPA < 4.1 zones with non-empty 'forwarders' attribute > were automatically configured as forward zones. The split to pure forward and > master zones happened in FreeIPA 4.1. > > -- > Petr^2 Spacek > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project