On pe, 30 marras 2018, Jonathan Vaughn wrote:
John, thanks for the tip on removing the MNAME to allow the SOA to define
it (changing the SOA was actually the first thing I tried, and when that
didn't work I remembered reading something about fake_mname, which Google
results kept telling me was
John, thanks for the tip on removing the MNAME to allow the SOA to define
it (changing the SOA was actually the first thing I tried, and when that
didn't work I remembered reading something about fake_mname, which Google
results kept telling me was in named.conf but at some point moved to LDAP
and
On pe, 30 marras 2018, John Petrini via FreeIPA-users wrote:
Good to know mname override is available in the WebUI. I had no idea.
Just another bit of info you might find useful, if you make the mname
override blank it removes it and you can control the SOA mname per
zone via the Authoritative
Good to know mname override is available in the WebUI. I had no idea.
Just another bit of info you might find useful, if you make the mname
override blank it removes it and you can control the SOA mname per
zone via the Authoritative nameserver option.
As an update, TL;DR it doesn't appear that IPA resets any of my override
changes, everything is awesome.
Here's copy paste of my followup on another thread I had started asking
about allow-recursion specifically (so that if someone stumbles upon this
thread instead, they'll get the full howto)
Thanks for the pointers / explanations everyone.
It would be nice if adding a replica didn't reset the SOA/NS, but the main
reason I say that isn't due to the actual work of fixing it, but that once
we're set up with replicas in all our offices we'll add new ones so
infrequently I guarantee this
On 9/11/18 3:07 pm, John Petrini via FreeIPA-users wrote:
The mname override now lives in ldap and is configured using the
dnsserver-mod command. fake_mname is no longer included in named.conf.
I think that feature was added to address this issue:
https://pagure.io/bind-dyndb-ldap/issue/162
We
The mname override now lives in ldap and is configured using the
dnsserver-mod command. fake_mname is no longer included in named.conf.
I think that feature was added to address this issue:
https://pagure.io/bind-dyndb-ldap/issue/162
We use TSIG for dynamic updates without any issues, not sure if
It can be done, but there are some caveats you should be aware of:
- You'll need to disable the fake_mname that bind gets configured with
for your SOA to show up correctly
- Any time you add/change a replica, you'll need to check your NS/SOA
records and probably correct them again, as they get
On 9/11/18 2:14 pm, John Petrini via FreeIPA-users wrote:
Yes. When you create a new zone it creates NS records for each IPA
server by default but you can change them to whatever you want.
If you do this you'll probably want to remove the SOA mname override
from each of your IPA DNS servers
Yes. When you create a new zone it creates NS records for each IPA
server by default but you can change them to whatever you want.
If you do this you'll probably want to remove the SOA mname override
from each of your IPA DNS servers otherwise changing the authoritative
name server on the zone
11 matches
Mail list logo