On 7/31/20 1:03 AM, Christian Hernandez via FreeIPA-users wrote:
> I'm having an issue delegating a subdomain. My domain is cloud.chx and I
> ran the following.
>
> ipa dnsrecord-add cloud.chx dc1.ad <http://dc1.ad> --a-rec=192.168.1.253
> ipa dnsrecord-add 1.168.192.in-addr.arpa. 253 --ptr-rec=dc1.ad.cloud.chx.
> ipa dnsrecord-add cloud.chx ad --ns-rec=dc1.ad.cloud.chx.
>
>
> I checked and it's in the config
>
> [root@ipa1 ~]# dig axfr cloud.chx | grep ad
> ad.cloud.chx.86400INNSdc1.ad.cloud.chx.
> dc1.ad.cloud.chx.86400INA192.168.1.253
>
>
> But when I query, it doesn't return what I expected.
>
> [root@ipa1 ~]# dig dc1.ad.cloud.chx NS
>
> ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> dc1.ad.cloud.chx NS
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15346
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;dc1.ad.cloud.chx.INNS
>
> ;; Query time: 27 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Thu Jul 30 15:48:03 PDT 2020
> ;; MSG SIZE  rcvd: 45
>
>
> The other DNS server is up and running.
>
> [root@ipa1 ~]# dig @192.168.1.253 <http://192.168.1.253> dc1.ad.cloud.chx
>
> ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> @192.168.1.253
> <http://192.168.1.253> dc1.ad.cloud.chx
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64777
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4000
> ;; QUESTION SECTION:
> ;dc1.ad.cloud.chx.INA
>
> ;; ANSWER SECTION:
> dc1.ad.cloud.chx.3600INA192.168.1.253
>
> ;; Query time: 1 msec
> ;; SERVER: 192.168.1.253#53(192.168.1.253)
> ;; WHEN: Thu Jul 30 15:59:21 PDT 2020
> ;; MSG SIZE  rcvd: 61
>
>
> This is worth noting that adding +norec works.
>
Hi,

my question ma sound stupid but is there an A record for
dc1.ad.cloud.chx in the DNS server dc1?

flo

> [root@ipa1 ~]# dig dc1.ad.cloud.chx NS +norec
>
> ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> dc1.ad.cloud.chx
> NS +norec
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36273
> ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 2
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;dc1.ad.cloud.chx.INNS
>
> ;; AUTHORITY SECTION:
> ad.cloud.chx.86400INNSdc1.ad.cloud.chx.
>
> ;; ADDITIONAL SECTION:
> dc1.ad.cloud.chx.86400INA192.168.1.253
>
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Thu Jul 30 15:59:39 PDT 2020
> ;; MSG SIZE  rcvd: 75
>
> Is there anything I'm missing?
>
>
> ---
>
> Christian Hernandez, RHCE
>
> Principal Technical Marketing Manager - Cloud Platforms
>
> Red Hat, Inc <https://www.redhat.com/>
>
> christian@redhat.com <mailto:christian@redhat.com>
>
> Mobile: 626.502.8310
>
> Slack:  chernand
>
> <https://www.redhat.com/>
>
>
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
>