Hide Forgot
Description of problem: I do not seem to be able to add multiple NS records to a zone. If I get the syntax correct, IPA seems to like the input, but then dig doesn't handle the entry. Version-Release number of selected component (if applicable): ipa-server-2.0-0.2011011418gita68b2d2.fc14.x86_64 How reproducible: always Steps to Reproduce: 1. ipa dnsrecord-add newzone1 @ --ns-rec=10.16.98.193,127.0.0.1. 2. dig newzone1 NS Actual results: [root@ipaqavmh ipa-dns]# ipa dnsrecord-add newzone1 @ --ns-rec=10.16.98.193,127.0.0.1. Record name: newzone1 MX record: 3.4.5.6 NS record: 10.16.98.193, 127.0.0.1. [root@ipaqavmh ipa-dns]# dig newzone1 NS ; <<>> DiG 9.7.2-P2-RedHat-9.7.2-2.P2.fc14 <<>> newzone1 NS ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41340 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;newzone1. IN NS ;; Query time: 2 msec ;; SERVER: 10.16.98.193#53(10.16.98.193) ;; WHEN: Thu Jan 20 18:22:09 2011 ;; MSG SIZE rcvd: 26 Expected results: dig newzone NS to return two records. Additional: I'm still not sure how I supposed to enter a priority for the NS records.
https://fedorahosted.org/freeipa/ticket/838
The bug has been fixed upstream in 0a6b1c4bced35dc0943ae38fcea71586274395ba. The root cause was that NS records are supposed to be resolvable hostnames. This is expected by Bind and enforced so that if Bind cannot find an A or AAAA record for a NS record, it wouldn't load the zone. Even if you add an IP address, Bind would still treat is as a hostname. The fix is to a) during zone creation, check if NS record can be resolved with DNS. This can be overridden with --force (if, for some reason you'd like to add the NS record afterwards with dnsrecord-add/host-add or perhaps for testing purposes). b) provide a new option to dnszone-add that allows specifying IP address of the NS record, so zone and NS record can be created in one go c) when adding a new NS record with dnsrecord-add, check for a valid A/AAAA record, too.