On 09/11/16 12:43, Martin Basti wrote:
On 09.11.2016 12:15, lejeczek wrote:
On 08/11/16 19:37, Martin Basti wrote:
On 08.11.2016 19:41, lejeczek wrote:
hi everyone
when I look at my domain I see something which seems
inconsistent to me (eg. work5 is not part of the
domain, was --uninstalled)
Do these record need fixing?
I'm asking becuase one of the servers, despite the fact
the ipa dns related toolkit(on that server) shows zone
& records, to dig/host/etc. presents nothing, empty
responses!??
$ ipa dnsrecord-find xx.xx.xx.xx.x.
Record name: @
NS record: swir.xx.xx.xx.xx.x., rider.xx.xx.xx.xx.x.,
dzien.xx.xx.xx.xx.x., whale.xx.xx.xx.xx.x.
Record name: _kerberos
TXT record: .xx.xx..xx.xx.x
Record name:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs
SRV record: 0 100 88 rider, 0 100 88 work5
Record name:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs
SRV record: 0 100 389 rider, 0 100 389 work5
Record name:
_kerberos._udp.Default-First-Site-Name._sites.dc._msdcs
SRV record: 0 100 88 rider, 0 100 88 work5
Record name: _kerberos._tcp.dc._msdcs
SRV record: 0 100 88 rider, 0 100 88 work5
Record name: _ldap._tcp.dc._msdcs
SRV record: 0 100 389 rider, 0 100 389 work5
Record name: _kerberos._udp.dc._msdcs
SRV record: 0 100 88 rider, 0 100 88 work5
Record name: _kerberos._tcp
SRV record: 0 100 88 whale, 0 100 88 dzien, 0 100 88
rider, 0 100 88 swir
Record name: _kerberos-master._tcp
SRV record: 0 100 88 whale, 0 100 88 dzien, 0 100 88
rider, 0 100 88 swir
Record name: _kpasswd._tcp
SRV record: 0 100 464 rider, 0 100 464 swir, 0 100
464 dzien, 0 100 464 whale
Record name: _ldap._tcp
SRV record: 0 100 389 swir, 0 100 389 dzien, 0 100
389 whale, 0 100 389 rider
Record name: _kerberos._udp
SRV record: 0 100 88 whale, 0 100 88 dzien, 0 100 88
rider, 0 100 88 swir
Record name: _kerberos-master._udp
SRV record: 0 100 88 whale, 0 100 88 dzien, 0 100 88
rider, 0 100 88 swir
Record name: _kpasswd._udp
SRV record: 0 100 464 rider, 0 100 464 swir, 0 100
464 dzien, 0 100 464 whale
Record name: _ntp._udp
SRV record: 0 100 123 dzien, 0 100 123 rider, 0 100
123 whale, 0 100 123 swir
thanks.
L.
Hello,
if server work5 is uninstalled, then work5 SRV records
should be removed.
Martin
Martin, would you be able suggest a way to troubleshoot
that problem that one (only) server (rider) seems to
present no data for the whole domain? Remaining servers
correctly respond to any queries. One curious thing is
that I $rndc trace 6; and (I see debug level changed in
journalctl) I do not see anything in the logs when I query.
Zone allows any to query it.
What dig @rider command returns for SRV queries?
don't mind SRV records for now, it returns no record at all,
it forwards and caches but not for the domain itself.
on rider (suffice I point to other member server and records
are there)
$ dig +qr any .xx.xx..xx.xx.x. @10.5.6.100
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> +qr any
.xx.xx..xx.xx.x. @10.5.6.100
;; global options: +cmd
;; Sending:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36196
;; flags: rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0,
ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.xx.xx..xx.xx.x. IN ANY
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36196
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.xx.xx..xx.xx.x. IN ANY
;; AUTHORITY SECTION:
.xx.xx.x. 3600 IN SOA ipreg.xxx.xx.xx.x.
hostmaster.xx.xx.x. 1478696070 1800 900 604800 3600
;; Query time: 5 msec
;; SERVER: 10.5.6.100#53(10.5.6.100)
;; WHEN: Wed Nov 09 12:56:16 GMT 2016
;; MSG SIZE rcvd: 120
I obfuscated FQDNs but it seems like it forwards to a parent
domain (to which it's supposed, by dnsforwardzone)
And like I mentioned earlier, I do dnszone-find, etc. (on
rider) it's all there.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
