Stephen Ingram via FreeIPA-users wrote:
On Fri, Oct 18, 2019 at 10:16 AM Stephen Ingram <sbingram@gmail.com> wrote:

On Thu, Oct 17, 2019 at 11:36 PM Alexander Bokovoy <abokovoy@redhat.com> wrote:

On Thu, 17 Oct 2019, Stephen Ingram via FreeIPA-users wrote:
>I'm trying to set up service discovery for our printers on the network using
>a CUPS bonjour tutorial. Specifically the record I'm trying to create is:
>
>_ipp._tcp PTR m477fdw._ipp._tcp.i.example.com.
>
>Every time I try to create this record in IPA I receive the error message:
>
>Invalid 'ptrrecord': Reverse zone in-addr.arpa. requires exactly 4 IP
>address components, 5 given
>
>Does IPA DNS just not support service discovery records or do I need to do
>something differently?

I don't think our management code supports having PTR records in non .arpa zones. Could you please open an issue at pagure.io/freeipa/new_issue detailing a specification that requires these PTR records in a non-arpa zone?

So I did a little digging in Pagure and found an already existing issue (https://pagure.io/freeipa/issue/5566) opened over three years ago asking for the exact same thing. I didn't even realize that the record should be created in the forward lookup zone until you mentioned non-arpa (this whole DNS-SD is very new to me). It still does result in an error though:

invalid 'ptrrecord': Reverse zone for PTR record should be a sub-zone of one the following fully qualified domains: ip6.arpa., in-addr.arpa.

Rob points out that it was never the intention to be a general-purpose DNS server. Maybe, but if IPA is the authoritative source for the local network replacing AD for Linux machines, then it's sort of ridiculous to have to set up another DNS server just to handle these few records. Someone else points out that you can just go in and edit the field in the directory bypassing IPA's checks. I guess that could work, but again, a real pain just to add a few records.
It seems like this is more of an IPA not letting you add the record more than not being able to handle it, and, thus, hopefully an easy fix?

So does the fact that this issue has gone unaddressed for three years indicate that it won't be considered for inclusion? Would it be better just to turn off the IPA DNS server and set up an instance of BIND and handle it that way?
It's a matter of priority. Very few users have needed this capability, or at least let us know they need it, so it has remained low.
rob
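
An added illustration, not FreeIPA code and not written by anyone in this thread: a PTR owner-name check that accepts both reverse-zone names and DNS-SD (RFC 6763) browse names such as the `_ipp._tcp` record discussed above. The function names are hypothetical, and the reverse-zone rule simply mirrors the "exactly 4 IP address components" wording of the quoted error message.

```python
import re

# RFC 6763 service label: "_" plus 1-15 letters, digits or hyphens (no edge hyphen).
_SERVICE = re.compile(r"_[a-z0-9](?:[a-z0-9-]{0,13}[a-z0-9])?")
_OCTET = re.compile(r"0|[1-9][0-9]{0,2}")


def absolute(name, zone):
    """Expand a zone-relative name; names ending in '.' are already absolute."""
    return name.lower() if name.endswith(".") else f"{name}.{zone}".lower()


def classify_ptr_owner(fqdn):
    """Return 'reverse-v4', 'reverse-v6', 'dns-sd' or 'invalid' for a PTR owner."""
    labels = fqdn.rstrip(".").lower().split(".")
    if labels[-2:] == ["in-addr", "arpa"]:
        octets = labels[:-2]
        ok = len(octets) == 4 and all(
            _OCTET.fullmatch(o) and int(o) <= 255 for o in octets)
        return "reverse-v4" if ok else "invalid"
    if labels[-2:] == ["ip6", "arpa"]:
        nibbles = labels[:-2]
        ok = len(nibbles) == 32 and all(
            len(n) == 1 and n in "0123456789abcdef" for n in nibbles)
        return "reverse-v6" if ok else "invalid"
    # DNS-SD browse name: <_service>.<_tcp|_udp>.<parent domain>
    if (len(labels) >= 3 and _SERVICE.fullmatch(labels[0])
            and labels[1] in ("_tcp", "_udp")):
        return "dns-sd"
    return "invalid"


def valid_dnssd_ptr(owner, target, zone):
    """True when target is a service instance name under a DNS-SD owner."""
    owner_fqdn, target_fqdn = absolute(owner, zone), absolute(target, zone)
    if classify_ptr_owner(owner_fqdn) != "dns-sd":
        return False
    # The instance name is whatever precedes ".<owner>" in the PTR target.
    return (target_fqdn.endswith("." + owner_fqdn)
            and not target_fqdn.startswith("."))
```

With the record from the original question, `valid_dnssd_ptr("_ipp._tcp", "m477fdw._ipp._tcp.i.example.com.", "i.example.com.")` returns `True`, while a five-component name under `in-addr.arpa.` is still classified as invalid.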