Learn more about these different git repos.
Other Git URLs
This ticket is clone of ticket #96. This ticket tracks the status for zone-refresh enabled configurations.
Conditional forwarder is still active even after zone deletion:
Add forwarder for zone idm.lab.bos.redhat.com:
idm.lab.bos.redhat.com
$ ipa dnszone-add idm.lab.bos.redhat.com --name-server=vm-061.idm.lab.bos.redhat.com. --admin-email='hostmaster@ad.lan' --force --forwarder=10.16.78.61 --forward-policy=only $ dig @127.0.0.1 -t ANY test.idm.lab.bos.redhat.com ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64187 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2 ;; ANSWER SECTION: test.idm.lab.bos.redhat.com. 86400 IN TXT "666" ;; AUTHORITY SECTION: idm.lab.bos.redhat.com. 86400 IN NS vm-061.idm.lab.bos.redhat.com. ;; ADDITIONAL SECTION: vm-061.idm.lab.bos.redhat.com. 1200 IN A 10.16.78.61 $ ipa dnszone-del idm.lab.bos.redhat.com
Named will log a message if debug level >= 1:
zone 'idm.lab.bos.redhat.com' not found in zone register
Zone is still resolvable through the forwarder:
$ dig @127.0.0.1 -t ANY test2.idm.lab.bos.redhat.com ; <<>> DiG 9.9.1-P3-RedHat-9.9.1-9.P3.fc17 <<>> @127.0.0.1 -t ANY test2.idm.lab.bos.redhat.com ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14943 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2 ;; ANSWER SECTION: test2.idm.lab.bos.redhat.com. 86400 IN TXT "another" "value" "obtained" "from" "forwarder" ;; AUTHORITY SECTION: idm.lab.bos.redhat.com. 86190 IN NS vm-061.idm.lab.bos.redhat.com. ;; ADDITIONAL SECTION: vm-061.idm.lab.bos.redhat.com. 990 IN A 10.16.78.61
Expected result: Record test2 should not be resolvable.
This problem will disappear after converting pure forward zones (in BIND9 zones with type forward) to new idnsForwardZone object class. Plugin version >= 3.0 support the new object class.
forward
idnsForwardZone
I'm closing this ancient ticket. Zone refresh is not supported anymore and latest version of bind-dyndb-ldap supports forward zones only in idnsForwardZone object class.
Metadata Update from @pspacek: - Issue assigned to pspacek - Issue set to the milestone: Fedora 20
Login to comment on this ticket.