show ipa's dns-configuration on your local server
modify dns-configuration on your local serveripa dnsconfig-show[archy@ipa01 ~]$
show all dns servers in an ipa domainipa dnsconfig-mod --forwarder=208.67.222.222 --forwarder=208.67.220.220 --forward-policy=[only|first|none][archy@ipa01 ~]$
show one specific ipa-dnsserver that was found by 'ipa dnsserver-find'ipa dnsserver-find[archy@ipa01 ~]$
modify a remote ipa-dns' configurationipa dnsserver-show ipa02.archyslife.lan[archy@ipa01 ~]$
a quick note on forward-policies:ipa dnsserver-mod --forwarder=208.67.222.222 --forwarder=208.67.220.220 --forward-policy=[only|first|none] ipa02.archyslife.lan[archy@ipa01 ~]$
only:
The dns will search the local database first and if an authoritative answer can be found, return it. Otherwise it will forward and query its forwarders. If the forwarders did not reply, the dns will return a SERVFAIL.
first:
The dns will search its local database first and if an authoritative answer was found, it will return it. If there was no answer to be found, query the forwarders. If the forwarding failed, try recursion and return the answer from the forwarders or the recursion.
none:
The dns will search the local database for an authoritative answer and return it if it is authoritative. If there was no entry to be found, try recursion and only recursion. Return the received answer.
For your master-zones (your local dnszones in my case 'archyslife.lan.' and '10.31.172.in-addr.arpa.') your forwarding policy is most likely set to 'only'. For forwardzones it is recommended to use the policy 'only' because otherwise you might get problems with the rfc 1918 addresses (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16).
list all dns zones:
show information to one specific dns zone:ipa dnszone-find[archy@ipa01 ~]$
show all dns entries in a specific zone:ipa dnszone-show 10.31.172.in-addr.arpa.[archy@ipa01 ~]$
show information to a specific entry in a zone:ipa dnsrecord-find archyslife.lan.[archy@ipa01 ~]$
adding dns records, a few examples.ipa dnsrecord-show archyslife.lan ipa01[archy@ipa01 ~]$
A:
MX:ipa dnsrecord-add archyslife.lan mx01 --a-ip-address=172.31.10.200 --a-create-reverse[archy@ipa01 ~]$
SRV:ipa dnsrecord-add archyslife.lan mx01 --mx-preference=0 --mx-exchanger=mx01.archyslife.lan[archy@ipa01 ~]$
modifying dns records, a few examples.ipa dnsrecord-add archyslife.lan _ldap._tcp --srv-priority=0 --srv-weight=100 --srv-port=389 --srv-target=ipa01.archyslife.lan[archy@ipa01 ~]$
A:
MX:ipa dnsrecord-mod archyslife.lan mx01 --a-ip-address=172.31.10.100 --a-create-reverse[archy@ipa01 ~]$
SRV:ipa dnsrecord-add archyslife.lan mx01 --mx-preference=1 --mx-exchanger=mx01.archyslife.lan[archy@ipa01 ~]$
deleting dns records, a few examples.ipa dnsrecord-add archyslife.lan _ldap._tcp --srv-priority=1 --srv-weight=100 --srv-port=389 --srv-target=ipa01.archyslife.lan[archy@ipa01 ~]$
A:
MX:ipa dnsrecord-del archyslife.lan mx01 --a-rec=172.31.10.200[archy@ipa01 ~]$ipa dnsrecord-del 10.31.172.in-addr.arpa 200 --ptr-rec=mx01.archyslife.lan.[archy@ipa01 ~]$
SRV:ipa dnsrecord-del archyslife.lan mx01 --mx-rec="0 mx01.archyslife.lan."[archy@ipa01 ~]$
Finding all zones currently available:ipa dnsrecord-del archyslife.lan _ldap._tcp --srv-rec="0 100 389 ldap01.archyslife.lan."[archy@ipa01 ~]$
[archy@ipa01 ~]$ ipa dnszone-find [archy@ipa01 ~]$ ipa dnszone-show archyslife.lan --all [archy@ipa01 ~]$ ipa dnszone-add $zonename
[archy@ipa01 ~]$ ipa dnszone-del $zonename
[archy@ipa01 ~]$ ipa dnszone-mod $zonename --{options}
Deleting a forwardzone:ipa dnsforwardzone-add example.com. --forwarder=10.99.200.50 --policy=only[archy@ipa01 ~]$ipa dnsforwardzone-add 200.99.10.in-addr.arpa. --forwarder=10.99.200.50 --policy=only[archy@ipa01 ~]$
ipa dnsforwardzone-del example.com.[archy@ipa01 ~]$ipa dnsforwardzone-del 200.99.10.in-addr.arpa.[archy@ipa01 ~]$
Comments
Post a Comment