On 08/07/15 16:14, Karl Forner wrote:
Okay, but DNS doesn't work in that way. Zone example.test. is
authoritative, so it must contain the record or delegation or NXDOMAIN
is returned. You cannot have multiple authoritative copies of one zone
with different data.
Thanks Martin, but I do not want to forward the whole subzone.
I have the example.test zone from my web hosting site, that manages
also the domain example.test
I use the example.test domain in freeIPA.
So the problem is that in the internal network, I can no longer
Of course I can define all such names manually in the freeIPA dns, but
ideally (or naively) I'd like a way to
configure the freeIPA dns like: if you do not know foo.example.test,
instead of returning NXDOMAIN, please forward the request to this
The best solution would be to have only internal.example.test. zone
managed by IPA, and add delegation to this zone into example.test.
On Wed, Jul 8, 2015 at 4:09 PM, Martin Basti <mba...@redhat.com
On 08/07/15 14:26, Karl Forner wrote:
When using my freeIPA DNS name server for my domain example.test,
I need to exclude some names from the server( to be forwarded to
the DNS forwarder for instance.
For example, I'd like foo.example.test not to be resolved, but
How could I implement this ?
If you plan to forward whole subzone, you can use forward zones in
example.test -- master zone
foo.example.test -- forward zones
which IPA version o IPA do you have?
If IPA > 4.0, than you can use ipa dnsforwardzone-add command.
Otherwise dnszone-add with --forwarder option
Do not forget to add proper NS delegation for all sub zones from
For example: ipa dnsrecord-add example.test. test
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project