Bug 842756 - Incorrect suggested Zone name when using name-from-ip
Incorrect suggested Zone name when using name-from-ip
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa (Show other bugs)
7.0
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Martin Kosek
IDM QE LIST
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-07-24 10:18 EDT by Namita Soman
Modified: 2015-01-16 10:00 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-01-16 10:00:54 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Namita Soman 2012-07-24 10:18:59 EDT
Description of problem:
When adding a reverse zone using name-from-ip, the prompt suggests an invalid zone name, using all 4 octets of the ip.

Version-Release number of selected component (if applicable):
freeipa-server-2.99.0-0.20120713T1418Zgitc20d4c7.fc17.x86_64

How reproducible:
always

Steps to Reproduce:
1.# ipa dnszone-add --name-from-ip=10.15.20.100 --name-server=qe-blade-04.testrelm.com
2. ]# ipa dnszone-add --name-from-ip=10.15.20 --name-server=qe-blade-04.testrelm.com

  
Actual results:
1. Step 1 prompts: Zone name [100.20.15.10.in-addr.arpa.]:
2. Step 2 prompts: Zone name [0.20.15.10.in-addr.arpa.]: 

Expected results:
Step 1: Prompt should be:
Zone name [20.15.10.in-addr.arpa.]:
Step 2: should be Validation Error - to indicate invalid ip

Additional info:
Comment 2 Namita Soman 2012-07-25 06:37:28 EDT
User error...I didn't use the right value for ip. When doing the below, the suggested zone name is correct:

#ipa dnszone-add --name-from-ip 10.10.100.0/25
Authoritative nameserver: ipaqavmh.testrelm.com
Zone name [100.10.10.in-addr.arpa.]: 

Can we have validation when using this parameter to avoid incorrect zones from being added?
Comment 3 Martin Kosek 2012-07-30 09:57:21 EDT
Technically the zone is not invalid. You just cannot add any child PTR records to the zone because there would be too many components in the reverse zone. But you are free to add a record to the zone itself, i.e.:


# ipa dnszone-add --name-from-ip=10.0.0.1 --name-server=`hostname`
Zone name [1.0.0.10.in-addr.arpa.]: 
Administrator e-mail address [hostmaster.1.0.0.10.in-addr.arpa.]: 
  Zone name: 1.0.0.10.in-addr.arpa.
  Authoritative nameserver: vm-086.idm.lab.bos.redhat.com.
  Administrator e-mail address: hostmaster.1.0.0.10.in-addr.arpa.
  SOA serial: 1343655778
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  BIND update policy: grant IDM.LAB.BOS.REDHAT.COM krb5-subdomain 1.0.0.10.in-addr.arpa. PTR;
  Active zone: TRUE
  Dynamic update: FALSE
  Allow query: any;
  Allow transfer: none;

# ipa dnsrecord-add 1.0.0.10.in-addr.arpa. @ --ptr-rec=`hostname`.
  Record name: @
  NS record: vm-086.idm.lab.bos.redhat.com.
  PTR record: vm-086.idm.lab.bos.redhat.com.

# host 10.0.0.2
2.0.0.10.in-addr.arpa domain name pointer vm-086.idm.lab.bos.redhat.com.


We may just want to fix the default IP network mask size assignment from current fixed size (32b for IPv4, 128b for IPv6) to the one based on IP address class (8b for 10.* networks) as in other IP-network-related code. I will open a ticket.
Comment 4 Martin Kosek 2012-07-30 09:58:58 EDT
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2952
Comment 8 Martin Kosek 2015-01-16 10:00:54 EST
See Comment 3. The suggest improvement was already done in current FreeIPA/IdM (tested on 4.1):

# ipa dnszone-add --name-from-ip=10.0.0.1
Zone name [0.0.10.in-addr.arpa.]: ^C

It now uses a better suited default and does not use the full 32b network mask. Closing the bug.

Note You need to log in before you can comment on or make changes to this bug.