Thanks for the pointers / explanations everyone.
It would be nice if adding a replica didn't reset the SOA/NS, but the main
reason I say that isn't due to the actual work of fixing it, but that once
we're set up with replicas in all our offices we'll add new ones so
infrequently I guarantee this will get forgotten / overlooked and cause
confusion, even though I will put it into the internal KB :D
Would be nice if there was a per-zone setting to prevent this reset -
perhaps even some option to specify public/private IPs for each replica and
a simple public/private switch on the zone, so that it would default to
using the correct IPs (and any without public IPs on a public zone would
just not appear in NS/SOA records), but I understand this is outside the
scope that FreeIPA is interested in supporting.
If I manually add extra NS records, will they get nuked when adding a
replica, or just not be listed in SOA anymore? If nobody is sure I'll try
to test this...
On Thu, Nov 8, 2018 at 10:14 PM, Peter Fern via FreeIPA-users <
freeipa-users(a)lists.fedorahosted.org> wrote:
On 9/11/18 3:07 pm, John Petrini via FreeIPA-users wrote:
> The mname override now lives in ldap and is configured using the
> dnsserver-mod command. fake_mname is no longer included in named.conf.
> I think that feature was added to address this issue:
>
https://pagure.io/bind-dyndb-ldap/issue/162
>
> We use TSIG for dynamic updates without any issues, not sure if
> something has changed there but it works for us.
>
Good to know - things may indeed have changed, last time I messed with
this was on v4.3.x.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@
lists.fedorahosted.org