Bug 798493
| Summary: | adding reverse zones in gui fails to create correct zone | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Brian J. Atkisson <batkisso> |
| Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
| Status: | CLOSED ERRATA | QA Contact: | Namita Soman <nsoman> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.2 | CC: | jgalipea, mkosek, pspacek, pvoborni |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-3.0.0-1.el6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-02-21 09:10:16 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Brian J. Atkisson
2012-02-29 03:27:02 UTC
Upstream ticket: https://fedorahosted.org/freeipa/ticket/2461 I created a ticket as this behavior can be improved. Until we fix the issue, please try using the IP address in format <network-IP-addr>/<nr-of-network-bits>. If you use network address "192.168.12.0/24" in your case, the reverse zone will be created correctly. Recent DNS zone patch added a network validator to 'Reverse zone IP network:'. It will allow to enter value only in <network-IP-addr>/<nr-of-network-bits> format. It effectively solves the UI part of this issue. Will it work with following network? Network=128.128.128.0/20 Mask=255.255.240.0, i.e. prefix 20 bits WebUI and CLI have to allow to add following reverse zones: 128.128.128.in-addr.arpa. 129.128.128.in-addr.arpa. . and all between . 142.128.128.in-addr.arpa. 143.128.128.in-addr.arpa. If you use a prefix that is not divisible by 8 for IPv4 or by 4 for IPv6 it will be rounded: # ipa dnszone-add --name-server=`hostname` --name-from-ip=128.128.128.0/20 Zone name [128.128.in-addr.arpa.]: Administrator e-mail address [hostmaster.128.128.in-addr.arpa.]: Zone name: 128.128.in-addr.arpa. ... If you need to create a reverse zone with precisely this prefix (20), you can simply create it with multiple reverse zones of longer prefix as you already pointed out: # ipa dnszone-add --name-server=`hostname` --name-from-ip=128.128.128.0/24 Zone name [128.128.128.in-addr.arpa.]: Administrator e-mail address [hostmaster.128.128.128.in-addr.arpa.]: Zone name: 128.128.128.in-addr.arpa. ... # ipa dnszone-add --name-server=`hostname` --name-from-ip=128.128.129.0/24 Zone name [129.128.128.in-addr.arpa.]: Administrator e-mail address [hostmaster.129.128.128.in-addr.arpa.]: Zone name: 129.128.128.in-addr.arpa. Authoritative nameserver: vm-086.idm.lab.bos.redhat.com. ... ... ... Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/ef7b8ab764420baa4e959c0bf060e390b314c18f ipa-3-0: https://fedorahosted.org/freeipa/changeset/7b7946d69bdb5606ff00c5e733a18c1e788d4796 After a discussion, we decided instead of rejecting IP address without a netmask rather choosing a more sensible default netmask. That is * 24b for IPv4 * 64b for IPv6 A reasoning behind that decision is that for IPv6, vast majority of the networks has 64b netmask, so using this default makes perfect sense. IPv4 address just carried on in order to have a consistent behavior. Note: The same computation of a default reverse zone is used in ipa-{server,replica-dns}-install. regression tests added to DNS test suite verified :: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Bug 798493 - adding reverse zones in gui fails to create correct zone :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Make sure dnszone-find seems to find the reverse zone :: [ PASS ] :: Make sure dnszone-find outputs teh correct zone name. :: [ PASS ] :: Make sure dnszone-find seems to find the reverse zone :: [ PASS ] :: Make sure dnszone-find outputs teh correct zone name. :: [ PASS ] :: Make sure dnszone-find seems to find the reverse zone :: [ PASS ] :: Make sure dnszone-find outputs teh correct zone name. :: [ LOG ] :: Duration: 7s :: [ LOG ] :: Assertions: 6 good, 0 bad :: [ PASS ] :: RESULT: Bug 798493 - adding reverse zones in gui fails to create correct zone version :: ipa-server-3.0.0-19.el6 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0528.html |