[Freeipa-users] Clients with Multi Master IPA replication
Martin Kosek
mkosek at redhat.com
Mon Jan 18 08:24:35 UTC 2016
Even if FreeIPA server does not control DNS, you can still setup proper DNS SRV
records to enable autodiscovery or client fallack.
Some hint what records are needed should be given at the end of
ipa-server-install. It uses this template:
https://git.fedorahosted.org/cgit/freeipa.git/tree/install/share/bind.zone.db.template
You can use it as a hint what records are expected (more DNS SRV records are
needed when/if you also configure Trusts with Active Directory).
On 01/17/2016 01:46 PM, Zeal Vora wrote:
> Thanks Nathan.
>
> Actually, the FreeIPA servers are not serving DNS. For this way, we will
> have to do it some other way ?
>
>
>
> On Sun, Jan 17, 2016 at 5:16 PM, Nathan Peters <
> Nathan.Peters at globalrelay.net> wrote:
>
>> Hey Zeal,
>>
>>
>>
>> When you join a FreeIPA client to a domain, as long as you put the address
>> of at least one of the FreeIPA servers (if they are serving DNS) in the
>> /etc/resolv.conf file, they will use DNS to find FreeIPA servers.
>> Specifically they look for _SRV records. I think they naturally prefer
>> hosts in the same subnet as them, but will talk to anything available if
>> nothing close answers.
>>
>>
>>
>> This applies both during the join process, and in regular operation.
>>
>>
>>
>> This way you don’t have to worry about messing with your DNS records,
>> FreeIPA handles it all for you.
>>
>>
>>
>> *From:* freeipa-users-bounces at redhat.com [mailto:
>> freeipa-users-bounces at redhat.com] *On Behalf Of *Zeal Vora
>> *Sent:* January-17-16 3:21 AM
>> *To:* freeipa-users at redhat.com
>> *Subject:* [Freeipa-users] Clients with Multi Master IPA replication
>>
>>
>>
>> Hi
>>
>>
>>
>> I have setup a multi-master IPA server.
>>
>>
>>
>> I was wondering for IPA Client, which URL should we add in to ?
>>
>>
>>
>> Should we setup a DNS entry with round robin ? But then if single Master
>> fails, the queries will still reach to it.
>>
>>
>>
>> What is the ideal way to implement in such scenarios ?
>>
>>
>>
>> Any help will be appreciated !
>>
>>
>>
>>
>>
>>
>>
>> Thanks,
>>
>> Zeal
>>
>
>
>
More information about the Freeipa-users
mailing list