Thanks Martin, but I do not want to forward the whole subzone.

I have the example.test zone from my web hosting site, that manages also
the domain example.test
I use the example.test domain in freeIPA.
So the problem is that in the internal network, I can no longer resolve

Of course I can define all such names manually in the freeIPA dns, but
ideally (or naively) I'd like a way to
configure the freeIPA dns like: if you do not know foo.example.test,
instead of returning NXDOMAIN, please forward the request to this other

On Wed, Jul 8, 2015 at 4:09 PM, Martin Basti <> wrote:

>  On 08/07/15 14:26, Karl Forner wrote:
>    Hello,
>  When using my freeIPA DNS name server for my domain example.test, I need
> to exclude some names from the server( to be forwarded to the DNS forwarder
> for instance.
>  For example, I'd like foo.example.test not to be resolved, but forwarded.
>  How could I implement this ?
>  Thanks.
>  Karl Forner
>  Hello,
> If you plan to forward whole subzone, you can use forward zones in IPA.
> example.test -- master zone
> foo.example.test -- forward zones
> which IPA version o IPA do you have?
> If IPA > 4.0, than you can use ipa dnsforwardzone-add command.
> Otherwise dnszone-add with --forwarder option
> Do not forget to add proper NS delegation for all sub zones from parent
> zone.
> For example: ipa dnsrecord-add example.test. test
> --ns-rec=ipa.example.test.
> --
> Martin Basti
Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to