Hi,
I'd like to ask for your advice for the following topology...
On a given site, IPA server has two legs (two NICs), let's call them "inside
NIC" and "outside NIC".
The inside NIC subnet is local to the site. The outside NIC subnet is interconnecting
sites.
All the local clients talk to IPA via the inside NIC. But to set up a replica on another
site, we must reach IPA via outside NIC (the inside subnet is not routable beyond the
local site boundaries).
So the question arises: how to configure proper DNS resolution for the hostname of the IPA
server itself?
DNS is handled by IPA itself, fully in our control.
So we have two options:
1. We create two A records for the same IPA hostname, let's say
"ipa.site1.example.com". But then not sure if it will work fine... Technically,
two IPs for the same name means load-balancing, right? So will I have intermittent
connectivity issues, because it will return inside and outside IP interchangeably?
2. We create a new DNS name, e.g. "ipa-outside-site1.example.com", for the
outside IP, and manually add it to the @ entry of "example.com", so that
wannabe-replica on the remote site can use that FQDN as its master IPA. Will this work
fine..? Will it not cause issues to the local clients on site1, who must keep using IPA
with inside IP? Will it not cause issues on IPA server itself for some reason?
Please share your experience on this!
Thanks.