[Freeipa-devel] [PATCH] 202 Add reverse DNS record when forward is created

Jan Cholasta jcholast at redhat.com
Tue Feb 14 15:52:57 UTC 2012


On 10.2.2012 16:42, Martin Kosek wrote:
> On Tue, 2012-02-07 at 16:26 +0100, Martin Kosek wrote:
>> On Mon, 2012-02-06 at 15:56 -0500, Rob Crittenden wrote:
>>> Martin Kosek wrote:
>>>> On Mon, 2012-01-30 at 11:52 -0500, Rob Crittenden wrote:
>>>>> Martin Kosek wrote:
>>>>>> Adding a reverse DNS record may be a time-consuming task, especially
>>>>>> for IPv6 addresses. Having a way to automatically create a reverse
>>>>>> record when a forward record is created could speed up the process.
>>>>>> The host-add command already has this possibility.
>>>>>>
>>>>>> This patch takes advantage of the new per-type API and adds new
>>>>>> options for A/AAAA record types: --a-create-reverse and
>>>>>> --aaaa-create-reverse. These commands can be used to automatically
>>>>>> create reverse records for new A/AAAA addresses (both forward
>>>>>> and reverse zones need to be managed by FreeIPA server):
>>>>>>
>>>>>> ipa dnsrecord-add example.com foo --a-rec=10.0.0.1 --a-create-reverse
>>>>>>
>>>>>> This command would add a new A record to record foo in zone
>>>>>> example.com and a PTR record to appropriate reverse zone for
>>>>>> IP address 10.0.0.1 (for example PTR record 1 in zone
>>>>>> 0.0.10.in-addr.arpa. pointing to foo.example.com.).
>>>>>>
>>>>>> A few modifications were made to the new DNS API to support this feature:
>>>>>>     - Refactor --ip-address option handling from host-add and place it
>>>>>>       to dns.py to be used by both modules
>>>>>>     - Add support for "extra" per-type options
>>>>>>     - Hide DNS record part options in dnsrecord_find command as they
>>>>>>       have no effect for this command
>>>>>>
>>>>>> https://fedorahosted.org/freeipa/ticket/2009
>>>>>
>>>>> Can the options --a-create-reverse and --aaaa-create-reverse be combined?
>>>>> I was able to create an IPv4 addr using --aaaa-create-reverse:
>>>>>
>>>>> # ipa dnsrecord-add example.com baz --a-rec=192.168.166.115 --aaaa-create-reverse
>>>>>      Record name: baz
>>>>>      A record: 192.168.166.115
>>>>>
>>>>> Otherwise the patch seems fine.
>>>>
>>>> These 2 options can be combined, you can add both A and AAAA forward
>>>> records and create records in their reverse records at the same time:
>>>>
>>>> ipa dnsrecord-add example.com bar --a-rec=10.0.0.1 --a-create-reverse --aaaa-rec=2001::beef:1 --aaaa-create-reverse
>>>>
>>>> In your case the option --aaaa-create-reverse is ignored as there is no
>>>> AAAA rec added. Thus no AAAA record callback which would create this
>>>> reverse record is called.
>>>>
>>>> We may implement some checks which would throw a validation error when
>>>> --a-create-reverse/--aaaa-create-reverse is called without a respective
>>>> A/AAAA record.
>>>>
>>>> Martin
>>>>
>>>
>>> Yes, I think that is the way to go, otherwise this is confusing.
>>>
>>> rob
>>
>> Now, an exception is thrown if you try to pass --<rrtype>-create-reverse
>> without an appropriate --<rrtype>-rec option filled:
>>
>> # ipa dnsrecord-add example.com baz --a-rec=192.168.166.115 --aaaa-create-reverse
>> ipa: ERROR: 'aaaarecord' is required
>>
>> I also refactored pre_callback of dnsrecord-add command a little, I
>> didn't like parsing <rrtype> from parameter name using regexes. Now,
>> every DNS part option has a link to "parent" DNS record stored in hint
>> attribute.
>>
>> Martin
>
> Petr Vobornik noticed that a reserved IP address passed to --a-rec
> (--aaaa-rec) causes an Internal Error when --a-create-reverse is set at
> the same time:
>
> # ipa dnsrecord-add example.com foo --aaaa-ip-address=F:F:F:A::12 --aaaa-create-reverse
> ipa: ERROR: an internal error has occurred
>
> Attached patch fixes it:
>
> # ipa dnsrecord-add example.com foo --aaaa-ip-address=F:F:F:A::12 --aaaa-create-reverse
> ipa: ERROR: invalid 'aaaarecord': cannot use IANA reserved IP address
>
> Martin
>

I would prefer if there was a single --create-reverse option for both A 
and AAAA records, as it IMO makes more sense from the user's point of view. 
What do you think?

Honza

-- 
Jan Cholasta
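
The validation behaviour discussed in this thread, as an added Python example that is not FreeIPA's code and not part of the original message: a create-reverse flag without its forward record is rejected, a reserved address produces a validation error instead of an internal error, and the PTR name is derived from the longest matching managed reverse zone. The names `plan_reverse_records`, `ValidationError` and `MANAGED` are hypothetical, and the reserved-address test uses Python's `ipaddress` flags as a stand-in for whatever check the patch applies.

```python
import ipaddress

class ValidationError(ValueError):
    """Stand-in for a framework validation error (hypothetical name)."""

def plan_reverse_records(zone, name, recs, create_reverse, managed_zones):
    """Return [(reverse_zone, ptr_name, target)] for each requested reverse.

    recs: {"a": "10.0.0.1", "aaaa": None}; create_reverse: {"a": True, ...}
    """
    version = {"a": 4, "aaaa": 6}
    target = f"{name}.{zone.rstrip('.')}."
    plan = []
    for rrtype, wanted in create_reverse.items():
        if not wanted:
            continue
        value = recs.get(rrtype)
        if value is None:
            # Flag given without its forward record: reject, do not ignore.
            raise ValidationError(f"'{rrtype}record' is required")
        try:
            ip = ipaddress.ip_address(value)
        except ValueError:
            raise ValidationError(
                f"invalid '{rrtype}record': not an IP address") from None
        if ip.version != version[rrtype]:
            raise ValidationError(
                f"invalid '{rrtype}record': wrong address family")
        # Assumption: Python's ipaddress flags approximate the reserved check.
        if ip.is_reserved or ip.is_loopback or ip.is_multicast or ip.is_unspecified:
            raise ValidationError(
                f"invalid '{rrtype}record': cannot use IANA reserved IP address")
        rev = ip.reverse_pointer + "."
        # Longest managed zone that is a label-aligned suffix of the name.
        matches = [z for z in managed_zones if rev.endswith("." + z)]
        if not matches:
            raise ValidationError(f"no managed reverse zone for {ip}")
        rzone = max(matches, key=len)
        plan.append((rzone, rev[: -len(rzone) - 1], target))
    return plan

# Constructed sample data, not taken from a real deployment.
MANAGED = ["0.0.10.in-addr.arpa.", "10.in-addr.arpa.", "0.0.0.0.1.0.0.2.ip6.arpa."]
```

Validating before any record is written means a rejected request leaves no forward record behind without its PTR.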



