freeipa

Clone
Source Code
GIT

#3063 Nameserver does not have a corresponding A/AAAA record while creating new dns zone
Closed: Invalid None Opened 11 years ago by mgregg.

Closed: Invalid
Reopen Issue

[[br]]Description of problem:
[[br]]When attempting to create a new dns zone, ipa reports the name server does not have a A record when it does.

[[br]]Version-Release number of selected component (if applicable):
[[br]]freeipa-server-2.99.0-0.20120829T2002Zgit7e9eb9c.fc17.x86_64
[[br]]bind-dyndb-ldap-1.1.0-0.20120828T1109Zgit6114ae2.fc17.x86_64

[[br]]How reproducible:
[[br]]Always

[[br]]Steps to Reproduce:
[[br]]1. install ipa with dns support
[[br]]2. ipa dnszone-add --name-server=<fqdn of master> --admin-email=ipaqar.redhat.com --serial=2010010701 --refresh=303 --retry=101 --expire=1202 --minimum=33 --ttl=55 idnszone.com

[[br]]Actual results:
[root@zippyvm2 ipa-dns]# ipa dnszone-add --name-server=zippyvm2.testrelm.com --admin-email=ipaqar.redhat.com --serial=2010010701 --refresh=303 --retry=101 --expire=1202 --minimum=33 --ttl=55 idnszone.com
ipa: ERROR: Nameserver 'zippyvm2.testrelm.com.' does not have a corresponding A/AAAA record

[[br]]Additional info:
[[br]]zippyvm2.testrelm.com does have a A record.

[root@zippyvm2 ipa-dns]# ipa dnsrecord-find testrelm.com zippyvm2
  Record name: @
  NS record: zippyvm2.testrelm.com.

  Record name: zippyvm2
  A record: 10.14.5.134
  SSHFP record: 1 1 2C0B9281ADBB3F584717C0A0D4508B058FB27ADE, 2 1 B6D4C452A34CCE9A92BD374D497115AF39A16783

Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=856293

I am not able to reproduce this one.

ipa dnszone-add --name-server=`hostname` --admin-email=ipaqar.redhat.com --serial=2010010701 --refresh=303 --retry=101 --expire=1202 --minimum=33 --ttl=55 idnszone.com 
  Zone name: idnszone.com
  Authoritative nameserver: vm-098.idm.lab.bos.redhat.com.
  Administrator e-mail address: ipaqar.redhat.com.
  SOA serial: 2010010701
  SOA refresh: 303
  SOA retry: 101
  SOA expire: 1202
  SOA minimum: 33
  SOA time to live: 55
  BIND update policy: grant IDM.LAB.BOS.REDHAT.COM krb5-self * A; grant IDM.LAB.BOS.REDHAT.COM krb5-self * AAAA; grant IDM.LAB.BOS.REDHAT.COM
                      krb5-self * SSHFP;
  Active zone: TRUE
  Dynamic update: FALSE
  Allow query: any;
  Allow transfer: none;

Version:

[tbabej@vm-098 freeIPA-scripts]$ rpm -qa | grep freeipa
freeipa-client-2.99.0-0.20121010T1215Zgitfff56ee.fc17.x86_64
freeipa-python-2.99.0-0.20121010T1215Zgitfff56ee.fc17.x86_64
freeipa-admintools-2.99.0-0.20121010T1215Zgitfff56ee.fc17.x86_64
freeipa-server-selinux-2.99.0-0.20121010T1215Zgitfff56ee.fc17.x86_64
freeipa-server-2.99.0-0.20121010T1215Zgitfff56ee.fc17.x86_64

Tested both on bind-dyndb-ldap 1.1 and 2.0:

[tbabej@vm-098 freeIPA-scripts]$ rpm -qa | grep bind-dyndb
bind-dyndb-ldap-1.1.0-0.14.rc1.fc17.x86_64

[tbabej@vm-098 freeIPA-scripts]$ rpm -qa | grep bind-dyndb-ldap
bind-dyndb-ldap-2.0-0.20121009T1320Zgit6a86b1f.fc17.x86_64

QE reports that they see this intermittently they will ping you when/if it comes up again.

Leaving ticket closed for now.

Reopening the ticket as I have been seen (with my own eyes, using vnc) this happen using Web UI on QE win machine.

Given steps to reproduce in Web UI(I did not manage so far):

  1. add a new zone,click add and edit
  2. click add for adding a DNS record
  3. choose NS option in the add prompt ,type in a random name,ip addr is mango.testrelm.com ,click add ,and then you'll see the erro msg coming out

The ticket https://fedorahosted.org/freeipa/ticket/3248 explores exactly same code path. With recent fix to it please re-test and may be test with the same environment.

Scott re-tested with 3248's patch applied and the issue came up. QE reports the issue is not easily reproducible and they have not been able to identify the cause, it appears only after running DNS tests few times. I am negotiating with QE, they are to provide me with remote access to the machine where the issue is already reproducible for investigation.

I had retested the issue using automates tests (where the issue supposedly occured) on QA machine multiple (+10) times over the weekend, with no success of reproducing the issue. Full test suite done by QA also confirmes the bug is not reproducible as of ipa-server-3.0.0-8. Bug is marked as verified in BZ, closing the ticket.

I got hold of the machine where the issue is reproducible. Turns out this comes up when the server is not configured to look at its own DNS records (probably because /etc/resolv.conf was rewritten by a network tool). Adding nameserver 127.0.0.1 to /etc/resolv.conf and restarting solves the issue.

Metadata Update from @mgregg:
- Issue assigned to tbabej
- Issue set to the milestone: FreeIPA 3.0.2
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
low
None
None
None
None
defect
None
None
IPA
None
0
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=856293
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.