FreeIPA - Adding New DNS Record

I have a FreeIPA server with the following information:

FreeIPA server: utility.lab.example.com
FreeIPA realm: LAB.EXAMPLE.COM
FreeIPA domain: lab.example.com

I want to insert a few DNS records:

hosta.lab.example.com - 172.25.250.10
hostb.lab.example.com - 172.25.250.11
hostc.lab.example.com - 172.25.250.12
hostd.lab.example.com - 172.25.250.13
bastion.lab.example.com - 172.25.250.254

And I'd like to use the command line to do this.

Acquire the admin's Kerberos ticket.

```
[root@utility ~]# kinit admin
Password for admin@LAB.EXAMPLE.COM:
```

List the DNS zones.

```
[root@utility ~]# ipa dnszone-find
  Zone name: 250.25.172.in-addr.arpa.
  Active zone: TRUE
  Authoritative nameserver: utility.lab.example.com.
  Administrator e-mail address: hostmaster.lab.example.com.
  SOA serial: 1606798502
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  Allow query: any;
  Allow transfer: none;

  Zone name: lab.example.com.
  Active zone: TRUE
  Authoritative nameserver: utility.lab.example.com.
  Administrator e-mail address: hostmaster.lab.example.com.
  SOA serial: 1606798523
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  Allow query: any;
  Allow transfer: none;
----------------------------
Number of entries returned 2
----------------------------
```

Find DNS records whose name contains "hosta" (e.g. hosta.lab.example.com).

```
[root@utility ~]# ipa dnsrecord-find lab.example.com. --name hosta
----------------------------
Number of entries returned 0
----------------------------
```

Add a record named hosta.lab.example.com with IP 172.25.250.10.

```
[root@utility ~]# ipa dnsrecord-add lab.example.com. \
> hosta \
> --a-rec 172.25.250.10
  Record name: hosta
  A record: 172.25.250.10
[root@utility ~]# ipa dnsrecord-find lab.example.com. --name hosta
  Record name: hosta
  A record: 172.25.250.10
----------------------------
Number of entries returned 1
----------------------------
```

Repeat the above steps for hostb, hostc, and hostd.

```
[root@utility ~]# ipa dnsrecord-add lab.example.com. hostb --a-rec 172.25.250.11
  Record name: hostb
  A record: 172.25.250.11
[root@utility ~]# ipa dnsrecord-add lab.example.com. hostc --a-rec 172.25.250.12
  Record name: hostc
  A record: 172.25.250.12
[root@utility ~]# ipa dnsrecord-add lab.example.com. hostd --a-rec 172.25.250.13
  Record name: hostd
  A record: 172.25.250.13
```

Add a record named bastion.lab.example.com with IP 172.25.250.254.

```
[root@utility ~]# ipa dnsrecord-add lab.example.com. bastion --a-rec 172.25.250.254
  Record name: bastion
  A record: 172.25.250.254
```

I just realized that none of my DNS records have reverse (PTR) records created for them. There are two ways to fix this. The first is to create a PTR record in the 250.25.172.in-addr.arpa. zone for each record above. The second is to delete each existing record and create it again with the --a-create-reverse option of ipa dnsrecord-add, which creates the PTR record automatically. ...
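
Both ways of filling in the missing PTR records, scripted for the five hosts above. This is an added example and not the post's own code. It assumes an admin ticket has already been obtained with kinit admin and that the reverse zone 250.25.172.in-addr.arpa. exists (it does in the dnszone-find output above); the host list is constructed from the post. Setting IPA=echo prints the ipa commands instead of running them, so the script can be checked before it touches the server.

```shell
#!/bin/sh
# Added example (not the post's own code): drive the FreeIPA CLI for the
# post's five hosts and add the missing reverse (PTR) records in both of the
# ways the post mentions.  Assumes an admin ticket from `kinit admin` and an
# existing reverse zone 250.25.172.in-addr.arpa.  IPA=echo makes a dry run.
IPA="${IPA:-ipa}"
ZONE="lab.example.com."

# Constructed host list taken from the post: "<name> <IPv4>" per line.
HOSTS="hosta 172.25.250.10
hostb 172.25.250.11
hostc 172.25.250.12
hostd 172.25.250.13
bastion 172.25.250.254"

# Reverse zone of a /24, e.g. 172.25.250.10 -> 250.25.172.in-addr.arpa.
reverse_zone() {
    net=${1%.*}        # 172.25.250
    o3=${net##*.}      # 250
    rest=${net%.*}     # 172.25
    printf '%s.%s.%s.in-addr.arpa.\n' "$o3" "${rest##*.}" "${rest%.*}"
}

# Owner name of the PTR record inside that zone: the host octet.
ptr_owner() {
    printf '%s\n' "${1##*.}"
}

# Option 1: keep the A record and add the matching PTR by hand.  The PTR
# target must be fully qualified with a trailing dot; without it FreeIPA
# treats the value as a name relative to the reverse zone.
add_ptr_record() {
    "$IPA" dnsrecord-add "$(reverse_zone "$2")" "$(ptr_owner "$2")" \
        --ptr-rec="$1.$ZONE"
}

# Option 2: delete the A record and re-add it with --a-create-reverse so
# FreeIPA writes the PTR itself.  This fails if no matching reverse zone
# exists, so check dnszone-find first.
recreate_with_reverse() {
    "$IPA" dnsrecord-del "$ZONE" "$1" --a-rec="$2"
    "$IPA" dnsrecord-add "$ZONE" "$1" --a-rec="$2" --a-create-reverse
}

# Apply one of the two functions above to every host in HOSTS.
for_each_host() {
    printf '%s\n' "$HOSTS" | while read -r name ip; do
        "$1" "$name" "$ip"
    done
}

# Usage: sh ipa-ptr.sh ptr|recreate   (prefix with IPA=echo for a dry run)
case "${1:-}" in
    ptr|recreate)
        # Refuse to run for real without a valid Kerberos ticket.
        if [ "$IPA" != echo ] && ! klist -s; then
            echo "no Kerberos ticket; run 'kinit admin' first" >&2
            exit 1
        fi
        if [ "$1" = ptr ]; then
            for_each_host add_ptr_record
        else
            for_each_host recreate_with_reverse
        fi
        ;;
esac
```

Run `IPA=echo sh ipa-ptr.sh ptr` first and read the generated commands; option 2 deletes and re-adds each A record, so on a busy zone option 1 is the non-disruptive choice.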

December 1, 2020 · 3 min · 487 words · kenno

DNS Delegation on Windows Server

One of the requirements for joining an Identity Management (IdM) server to an Active Directory (AD) domain is a DNS delegation created on the AD side. In the Red Hat RH362 training we were taught to use a command-line program called dnscmd on the AD server. I personally found this command very cumbersome, and I think a better way is to do the DNS delegation with a PowerShell cmdlet. I'll demonstrate how to do the DNS delegation both with dnscmd and with the PowerShell cmdlet; you can decide for yourself which one you find easier to use. ...

November 19, 2020 · 2 min · 400 words · kenno

PF firewall rule for DNS server

A reminder to readers: most of these blog posts are to remind me of what I have done or how I fixed a problem. What works for me may not work for you. Most of the time, they aren't even best practice. Here's a snippet of the PF firewall rule on my FreeBSD box which acts as a DNS server. Basically, the firewall opens up UDP port 53 so that LAN hosts can reach it. ...

July 9, 2015 · 1 min · 131 words · kenno