Ticket was cloned from Red Hat Bugzilla (product Fedora): Bug 1076262
Description of problem: Joining a host to a freeipa domain never creates AAAA records if dual stacked, and in a pure IPv6 environment there are many other issues: for example, service checks seem to only check if a name is resolveable on A records. Finally, even once joined, dns record updates don't (seem) to create or update AAAA records on the domain network. 1) ipa-join should be able to handle * v4 only * v4 and v6 (Uploading both A and AAAA records and PTRs) * v6 only 2) service checks should check both A and AAAA and provided *one* of these exists it should validate. In general, I think that freeipa needs more ipv6-only network testing .... Version-Release number of selected component (if applicable): freeipa-3.3.4
Related bug for ipa-server-install: #3575
See related discussion in https://bugzilla.redhat.com/show_bug.cgi?id=1077464 before implementation.
This ticket is too general and processing and triage thus takes too long - sorry.
I see it reports already tracked bugs:
There are also related bugs tracked:
You can track these tickets separately if you are interested in solution to these issues.
Part of it (dns record updates) is not related to FreeIPA, but resides in SSSD - see related Bug 1077464.
The only untracked issue I see is that ipa-client-install only adds A or AAAA record when it is being installed (this is not done by ipa-join as reported), but it never adds both, when both IPv4 and IPv6 is configured.
ipa-client-install
ipa-join
Changing the ticket title to match this issue. It should be pretty easy fix, update resolve_ipaddress to not bail out when it finds A address, but rather return all IPv4 and IPv6 addresses that can be used to connect to master.
resolve_ipaddress
attachment freeipa-dkupka-0035-client-Update-DNS-with-all-available-local-IP-addres.patch
Blocked by https://fedorahosted.org/sssd/ticket/2558.
SSSD removes all A/AAAA except the one which IP address is used for LDAP connection.
Fix for bind-dyndb-ldap plugin is required for proper functionality. https://fedorahosted.org/bind-dyndb-ldap/ticket/155
Related ticket - #4007.
SSSD ticket is planned for 1.13, this aligns well with 4.2 release.
https://fedorahosted.org/sssd/ticket/2558 was moved to 1.13.1, moving this ticket also.
master:
ipa-4-2:
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1254785
Metadata Update from @mkosek: - Issue assigned to dkupka - Issue set to the milestone: FreeIPA 4.2.1
Login to comment on this ticket.