so I've narrowed the problem down. installing pure freeipa is working just fine. My
problems start arising after I add dns proxy to katello:
https://docs.theforeman.org/3.5/Installing_Server/index-katello.html#conf....
I have 4 ipa servers 1 master 3 replicas, each replica has all the options installed on
them and I've moved the cert renewal server to replica 1, cert revocation list to
replica 2, dnssec key master server to replica 3, I've tested using freeipa as is, for
the last 2 days no problem, last night I've reinstalled katello and added the dns
smart proxy option to check and as soon as I did that It broke my dns on freeipa, not sure
what caused the problem. I've added all the logs from named down to Rafaels answer.
Hope there is something that I'm not seeing and that its not a bug that I just found.
freeipa is on rhel 9.1. foreman+katello is on rhel 8.7, freeipa servers are subscribed to
katello for repos, katello is subscibed to freeipa as a clie
nt.