[Freeipa-devel] [PATCH] 087 Allow recursion by default
Martin Kosek
mkosek at redhat.com
Wed Jun 22 08:07:54 UTC 2011
I suggest adding the following doc to the end of chapter "5.6.
DNS" (after the paragraphs about forwarders):
Any host is permitted to issue recursive queries against configured
forwarders by default. When required, this behavior can be changed
in /etc/named.conf in "allow-recursion" statement. Please consult name
server documentation for details how to edit the configuration
statement.
----
How to test:
1) install IPA with --setup-dns and defined --forwarder
2) query record not-managed by installed IPA (e.g. www.freeipa.org) from
localhost - should pass both with and without the patch
3) query record not-managed by installed IPA from other computer from
different subnet - fails without the patch and should pass with the
patch
----
Update name server configuration file to allow any host to issue
recursive queries (allow-recursion statement).
https://fedorahosted.org/freeipa/ticket/1335
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-087-allow-recursion-by-default.patch
Type: text/x-patch
Size: 975 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110622/928bb5d3/attachment.bin>
More information about the Freeipa-devel
mailing list