That seems to fail:

[root@ipa ~]# dig @192.168.1.1 . SOA

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.2 <<>> @192.168.1.1 . SOA ; (1 server 
found) ;; global options: +cmd ;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44900 ;; flags: qr rd ra; 
QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;.                              IN      SOA

;; Query time: 11153 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Fri Feb 19 14:42:51 CET 2016
;; MSG SIZE  rcvd: 28


But if I add a new record (e.g. CNAME) to DNS in Windows Server and try to ping 
to that CNAME, I get resolved correctly.

-Stijn

-----Original Message-----
From: freeipa-users-boun...@redhat.com 
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Petr Spacek
Sent: Friday 19 February 2016 13:59
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] DNS operation timed out when installing IPA with 
forwarders

On 19.2.2016 13:50, Geselle Stijn wrote:
> Hello fellow FreeIPA users,
> 
> I'm trying to setup FreeIPA in a lab environment (VirtualBox):
> 
> 
> -          ad.example.com (Windows Server 2008 R2) - 192.168.1.1
> 
> -          ipa.example.com (CentOS 7.2) - 192.168.1.2
> Both machines can ping each other, DNS resolving works:
> 
> [root@ipa ~] nslookup ad
> Server:         192.168.1.1
> Address:     192.168.1.1#53
> 
> Name:     ad.example.com
> Address: 192.168.1.1
> 
> 
> I executed:
> 
> yum install -y "*ipa-server*" bind bind-dyndb-ldap ipa-server-install 
> --domain=example.com --realm=EXAMPLE.COM --setup-dns 
> --forwarder=192.168.1.1
> 
> But the installation wizard fails at:
> 
> Checking DNS forwarders, please wait ...
> ipa            : ERROR   DNS server 192.168.1.1: query '. SOA': The DNS 
> operation timed out after 10.00124242 seconds
> ipa.ipapython.install.cli.install_tool(Server): ERROR     DNS server 
> 192.168.1.1: query '. SOA': The DNS operation timed out after 10.00124242 
> seconds
> 
> 
> Is there some way I can better troubleshoot this? Can I increase the DNS 
> timeout (maybe it's simply slow via VirtualBox).

Please try command
$ dig @192.168.1.1 . SOA
and paste the output here.

Also, please run the installer again with option --debug.

I will have a look.

Thank you.

--
Petr^2 Spacek

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to