Bug 795406
Summary: | Hold bind and plugin global settings in LDAP | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Petr Spacek <pspacek> |
Component: | bind-dyndb-ldap | Assignee: | Petr Spacek <pspacek> |
Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.3 | CC: | atkac, grajaiya, jgalipea, ovasik, syeghiay |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | bind-dyndb-ldap-1.1.0-0.3.b1.el6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-06-20 13:52:31 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Petr Spacek
2012-02-20 12:33:43 UTC
Fixed in upstream: https://fedorahosted.org/bind-dyndb-ldap/ticket/43#comment:2 #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# Case 1: - Forwarder not set in /etc/named.conf - nslookup $somezone Result: [root@goldbug ~]# nslookup shanks.example.com Server: 10.65.201.101 Address: 10.65.201.101#53 ** server can't find shanks.example.com: NXDOMAIN [root@goldbug ~]# #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# Case 2: - forwarder set in dns global config - nslookup $somezone [root@goldbug ~]# ipa dnsconfig-mod --forwarder=10.65.201.100 Global forwarders: 10.65.201.100 [root@goldbug ~]# [root@goldbug ~]# nslookup shanks.example.com Server: 10.65.201.101 Address: 10.65.201.101#53 Non-authoritative answer: Name: shanks.example.com Address: 192.168.0.100 [root@goldbug ~]# [root@goldbug ~]# tcpdump -ni eth0 udp port 53 10:38:58.389557 IP 10.65.201.101.51174 > 10.65.201.100.domain: 60351+ [1au] A? shanks.example.com. (47) 10:38:58.389588 IP 10.65.201.101.55396 > 10.65.201.100.domain: 29952+ [1au] NS? . (28) 10:38:58.390613 IP 10.65.201.100.domain > 10.65.201.101.55396: 29952 14/0/23 NS e.root-servers.net., NS f.root-servers.net., NS k.root-servers.net., NS l.root-servers.net., NS c.root-servers.net., NS m.root-servers.net., NS i.root-servers.net., NS a.root-servers.net., NS b.root-servers.net., NS d.root-servers.net., NS j.root-servers.net., NS h.root-servers.net., NS g.root-servers.net., RRSIG (857) 10:38:58.392649 IP 10.65.201.100.domain > 10.65.201.101.51174: 60351* 1/1/2 A 192.168.0.100 (122) #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# Case 3: - Set a forwarder in /etc/named.conf - set another forwarder in dns global config - nslookup $somezone [root@goldbug ~]# ipa dnsconfig-mod --forwarder=10.65.201.100 Global forwarders: 10.65.201.100 [root@goldbug ~]# [root@goldbug ~]# nslookup shanks.example.com Server: 10.65.201.101 Address: 10.65.201.101#53 Non-authoritative answer: Name: shanks.example.com Address: 192.168.0.100 [root@goldbug ~]# [root@goldbug ~]# tcpdump -ni eth0 udp port 5310:40:53.025919 IP 10.65.201.101.BESApi > 10.65.201.100.domain: 3705+ [1au] A? shanks.example.com. (47) 10:40:53.025969 IP 10.65.201.101.34315 > 10.65.201.100.domain: 3036+ [1au] NS? . (28) 10:40:53.026550 IP 10.65.201.100.domain > 10.65.201.101.34315: 3036 14/0/23 NS d.root-servers.net., NS a.root-servers.net., NS l.root-servers.net., NS h.root-servers.net., NS m.root-servers.net., NS i.root-servers.net., NS c.root-servers.net., NS g.root-servers.net., NS k.root-servers.net., NS b.root-servers.net., NS f.root-servers.net., NS j.root-servers.net., NS e.root-servers.net., RRSIG (857) 10:40:53.028004 IP 10.65.201.100.domain > 10.65.201.101.BESApi: 3705* 1/1/2 A 192.168.0.100 (122) #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# Verified: bind-dyndb-ldap-1.1.0-0.8.b1.el6.x86_64 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0837.html |