On 10.6.2016 14:21, Günther J. Niederwimmer wrote:
> Am Freitag, 10. Juni 2016, 10:12:50 CEST schrieb Martin Basti:
>> On 10.06.2016 09:09, Günther J. Niederwimmer wrote:
>>> can any help me to clear a question for DNSSEC, NSEC3
>>> I have a domain created with bind and DNSSEC and NSEC3 I test this Domain
>>> and other, not my Domain with
>>> This site from Verisign tell me, I have all Secure and also the A, AAAA
>>> FreeIPA 4.3.1 Centos 7.2
> I mean with the FreeIPA 4.2 I have A or AAAA Records but one from the list
> tell me 4.3.1 is the better version for DNSSEC ?
>>> But when I test my IPA created domain
>>> I miss the A, AAAA Records
>>> can this be correct ?
>>> Thanks for a answer
>> do you have configured A and AAAA records in zone apex of '4gjn.com'?
> Yes I have configured A AAAA Records, but something is wrong with the Zone
> ? when I look on my secondary DNS this is a PDNS then I found total different
> entry for esslmaier.at and my 4gjn.com.
>> I can `dig +dnssec ipa.4gjn.com. A` with DNSSEC results but for `dig
>> +dnssec 4gjn.com. A` , it looks like there is no A/AAAA records.
> Yes I wrote this before but I have no answer, what I can do :-(.
>> Can you provide output of the `ipa dnsrecord-show 4gjn.com. @` ?
> this is all !!!
> [root@ipa ~]# ipa dnsrecord-show 4gjn.com. @
> Datensatzname: @
> MX record: 10 smtp.4gjn.com.
> NS record: dns.esslmaier.at., ipa.4gjn.com., ns1.ns71.net.,
> TXT record: "v=spf1 mx ip4:220.127.116.11 ip4:18.104.22.168/28 ip6:2001:470:6f:
> ip6:2001:470:6f:8f1::/64 ?include:gjn.priv.at -all"
> ipa dnsrecord-show 4gjn.com. AAAA
> ipa: ERROR: AAAA: DNS resource record nicht gefunden
> Is this a LDAP Problem ?
Apparently you do not have any A/AAAA records defined in IPA. Add some and you
will see :-)
Speaking of IPA versions, yes, latest IPA 4.3.2 is the best you can get for
DNSSEC. There is many bugs in older versions.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project