
My IPA server's named.conf has this in it since I chose to enter a forwarder address during the ipa-server-install.

forward first;
forwarders {
    132.206.44.21;
    132.216.44.21;
};

Now I can only resolve hostnames through this forwarder and the ipa-client hosts I've joined on my network are ignored. I know the local hosts are in the local DNS because I can do ipa dnsrecord-show hostname and it gives the IP. Why is it ignoring this when I do ping or nslookup? I thought the forward first policy is supposed to fall back on the local DNS, unlike the forward only policy?

I've also tried:

ipa dnsconfig-mod --forwarder=''
ipa dnszone-mod --forwarder='' zonename
ipa dnszone-mod --forward-policy=none zonename
service named restart

no joy :(

1 Answer

The forwarders in named.conf are separate from the forwarders set by IPA commands. Both sets of forwarders apply simultaneously. You need to remove the forwarders or update them in named.conf.

See the FreeIPA documentation for an explanation of the behavior of forwarder policies.

Additionally, check that your /etc/resolv.conf actually specifies the IP address of the IPA DNS server.

abbra
  • 1,197
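The two checks from the answer above, as an added example that is not part of the original question or answer: it reads the global forwarders out of a named.conf options block and compares the first nameserver in resolv.conf with the IPA DNS server. The function names, the sample file contents and the address 192.0.2.10 are assumptions made for illustration.

```python
import re
# Constructed samples, not from a real host. The forwarder addresses are the
# ones quoted in the question; 192.0.2.10 is an assumed IPA DNS server address.
SAMPLE_NAMED_CONF = """
options {
    listen-on-v6 { any; };   // constructed sample
    forward first;
    forwarders {
        132.206.44.21;
        132.216.44.21;
    };
};
"""
SAMPLE_RESOLV_CONF = "# constructed sample\nnameserver 132.206.44.21\nnameserver 192.0.2.10\n"

def global_forwarding(named_conf):
    """Return (policy, forwarders) from the options block of named.conf."""
    text = re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", named_conf, flags=re.S)
    start = re.search(r"\boptions\s*\{", text)
    if not start:
        return None, []
    depth, i = 1, start.end()
    while i < len(text) and depth:      # walk to the brace that closes options
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    body = text[start.end():i - 1]
    policy = re.search(r"\bforward\s+(first|only)\s*;", body)
    fwd = re.search(r"\bforwarders\s*\{([^}]*)\}", body)
    # Keep only the address of each entry (an entry may carry "port N").
    addrs = [a.split()[0] for a in fwd.group(1).split(";") if a.strip()] if fwd else []
    return (policy.group(1) if policy else None), addrs

def nameservers(resolv_conf):
    """Return nameserver addresses in the order the resolver tries them."""
    rows = (line.split() for line in resolv_conf.splitlines())
    return [r[1] for r in rows if len(r) >= 2 and r[0] == "nameserver"]

def diagnose(named_conf, resolv_conf, ipa_dns_ip):
    """List the conditions the answer says to look for."""
    findings = []
    policy, fwd = global_forwarding(named_conf)
    if fwd:  # per the answer, these are separate from forwarders set via ipa
        findings.append(f"named.conf forwards globally ({policy}) to {fwd}")
    ns = nameservers(resolv_conf)
    if not ns or ns[0] != ipa_dns_ip:
        findings.append(f"resolv.conf tries {ns} first, not {ipa_dns_ip}")
    return findings

if __name__ == "__main__":
    print("\n".join(diagnose(SAMPLE_NAMED_CONF, SAMPLE_RESOLV_CONF, "192.0.2.10")))
```

On a real host, pass the contents of named.conf and /etc/resolv.conf in place of the samples, along with the IPA server's own address.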