On 03/06/16 08:06, Petr Spacek wrote:
On 2.6.2016 18:30, lejeczek wrote:
hi users,

I do (all on IPA server)

$ host 10.5.6.100
Host 100.6.5.10.in-addr.arpa. not found: 3(NXDOMAIN)

I do:

$ host 10.5.6.17
17.6.5.10.in-addr.arpa domain name pointer ......

I do:

$ ipa dnsrecord-find 5.10.in-addr.arpa
   Record name: @
   NS record: rider.private.dom., swir.private.dom.,
              work5.private.dom.

   Record name: 19.10
   PTR record: work1.private.dom.

   Record name: 23.10
   PTR record: work5.private.dom.

   Record name: 100.6
   PTR record: rider.private.dom.

   Record name: 17.6
   PTR record: dzien.private.dom.

   Record name: 32.6
   PTR record: swir.private.dom.
----------------------------
Number of entries returned 6


dig also find these records.

this is probably why replica fails with:

ipa.ipapython.install.cli.install_tool(Replica): ERROR    Unable to resolve
the IP address 10.5.6.100 to a host name, check /etc/hosts and DNS name
resolution

must be something trivial?
Likely :-) It could have multiple reasons.
E.g. DNS delegation from parent domain could be broken which could cause this 
etc.

Please try commands
$ dig -x <IP address> PTR

and

$ dig -x <IP address> SOA

and post their output, preferably without redacting it because the attempt to
hind real names often hide the root cause. I will have a look.

hi Petr
I have to redact, but I do it programmaticaly.
I think it happened after addition of second(last) replica, I initially installed server with 5.10.in-addr.arpa.
Now I do:

$ ipa dnszone-find
  Zone name: 5.10.in-addr.arpa.
  Active zone: TRUE
  Authoritative nameserver: rider.private.dom.
  Administrator e-mail address: hostmaster.private.dom.
  SOA serial: 1464884896
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  Allow query: any;
  Allow transfer: none;

  Zone name: 10.5.10.in-addr.arpa.
  Active zone: TRUE
  Authoritative nameserver: work5.private.dom.
  Administrator e-mail address: hostmaster.private.dom.
  SOA serial: 1464489313
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  Allow query: any;
  Allow transfer: none;

  Zone name: 6.5.10.in-addr.arpa.
  Active zone: TRUE
  Authoritative nameserver: swir.private.dom.
  Administrator e-mail address: hostmaster.private.dom.
  SOA serial: 1464880660
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  Allow query: any;
  Allow transfer: none;

  Zone name: private.dom.
  Active zone: TRUE
  Authoritative nameserver: rider.private.dom.
  Administrator e-mail address: hostmaster.private.dom.
  SOA serial: 1464884764
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  Allow query: any;
  Allow transfer: none;
----------------------------
Number of entries returned 4
----------------------------

and I dag "any" type of record and misread it, there is no ptr record returned, I could not get how delegation can be involved here. It's IPA(rider is the first server) own 5.10.in-addr.arpa. And rider sees 10.5.6.32 10.5.6.17 etc. but not it's own record, which according to:

$ ipa dnsrecord-find 5.10.in-addr.arpa

exists:

  Record name: 100.6
  PTR record: rider.private.dom.

$ dig -x 10.5.6.100 +qr soa
;; QUESTION SECTION:
;100.6.5.10.in-addr.arpa. IN  SOA

;; AUTHORITY SECTION:
6.5.10.in-addr.arpa. 0 IN SOA rider.private.dom. hostmaster.private.dom. 1464880660 3600 900 1209600 3600

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096

$ dig -x 10.5.6.100 +qr ptr
;; QUESTION SECTION:
;100.6.5.10.in-addr.arpa. IN  PTR

;; AUTHORITY SECTION:
6.5.10.in-addr.arpa. 3600 IN SOA rider.private.dom. hostmaster.private.dom. 1464880660 3600 900 1209600 3600

;; Query time: 1 msec

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to