Re: [Freeipa-users] dnsforwardzone-add giving error
On 1.5.2016 14:32, Ben .T.George wrote: > HI > > After reboot i tried the same command and i got below error > > [root@global ~]# ipa dnsforwardzone-add kwttestdc.com.kw > --forwarder=192.168.37.131 --forward-policy=only > Server will check DNS forwarder(s). > This may take some time, please wait ... > ipa: ERROR: DNS check for domain kwttestdc.com.kw. failed: All nameservers > failed to answer the query kwttestdc.com.kw. IN SOA: Server 127.0.0.1 UDP > port 53 anwered The DNS operation timed out.; Server 127.0.0.1 UDP port 53 > anwered The DNS operation timed out.; Server 127.0.0.1 UDP port 53 anwered > The DNS operation timed out.; Server 127.0.0.1 UDP port 53 anwered The DNS > operation timed out.; Server 127.0.0.1 UDP port 53 anwered SERVFAIL. > > > this is the first time i am seeing this error. This indicates a problem with DNS resolution from the FreeIPA server. I would recommend you to run following command and to inspect named logs: $ dig kwttestdc.com.kw SOA $ journalctl named -u named-pkcs11 Also, please see below. > On Sun, May 1, 2016 at 3:30 PM, Ben .T.George wrote: > >> HI LIst, >> >> i dont; know how to explain this issue. I was trying IPA 4.3.1 >> >> while adding DNS, i am getting below error >> >> [root@global tmp]# ipa dnsforwardzone-add kwttestdc.com.kw >> --forwarder=192.168.37.131 --forward-policy=only >> Server will check DNS forwarder(s). >> This may take some time, please wait ... >> ipa: ERROR: DNS zone kwttestdc.com.kw. already exists in DNS and is >> handled by server(s): corp.kwttestdc.com.kw. IPA detected that you are trying to use forward zone to override content of zone kwttestdc.com.kw which is already resolvable. This is almost always a bad idea. You are you adding forward zone even though the zone can be resolved directly from the FreeIPA server? What is the use-case? Petr^2 Spacek >> >> >> and in my resolv.conf , i have given like below: >> >> nameserver 127.0.0.1 >> >> someone please explan what is the issue and how to fix this one. >> >> Regards, >> Ben -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] dnsforwardzone-add giving error
HI LIst, i dont; know how to explain this issue. I was trying IPA 4.3.1 while adding DNS, i am getting below error [root@global tmp]# ipa dnsforwardzone-add kwttestdc.com.kw --forwarder=192.168.37.131 --forward-policy=only Server will check DNS forwarder(s). This may take some time, please wait ... ipa: ERROR: DNS zone kwttestdc.com.kw. already exists in DNS and is handled by server(s): corp.kwttestdc.com.kw. and in my resolv.conf , i have given like below: nameserver 127.0.0.1 someone please explan what is the issue and how to fix this one. Regards, Ben -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] dnsforwardzone-add giving error
HI After reboot i tried the same command and i got below error [root@global ~]# ipa dnsforwardzone-add kwttestdc.com.kw --forwarder=192.168.37.131 --forward-policy=only Server will check DNS forwarder(s). This may take some time, please wait ... ipa: ERROR: DNS check for domain kwttestdc.com.kw. failed: All nameservers failed to answer the query kwttestdc.com.kw. IN SOA: Server 127.0.0.1 UDP port 53 anwered The DNS operation timed out.; Server 127.0.0.1 UDP port 53 anwered The DNS operation timed out.; Server 127.0.0.1 UDP port 53 anwered The DNS operation timed out.; Server 127.0.0.1 UDP port 53 anwered The DNS operation timed out.; Server 127.0.0.1 UDP port 53 anwered SERVFAIL. this is the first time i am seeing this error. On Sun, May 1, 2016 at 3:30 PM, Ben .T.George wrote: > HI LIst, > > i dont; know how to explain this issue. I was trying IPA 4.3.1 > > while adding DNS, i am getting below error > > [root@global tmp]# ipa dnsforwardzone-add kwttestdc.com.kw > --forwarder=192.168.37.131 --forward-policy=only > Server will check DNS forwarder(s). > This may take some time, please wait ... > ipa: ERROR: DNS zone kwttestdc.com.kw. already exists in DNS and is > handled by server(s): corp.kwttestdc.com.kw. > > > and in my resolv.conf , i have given like below: > > nameserver 127.0.0.1 > > someone please explan what is the issue and how to fix this one. > > Regards, > Ben > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project