I would like to configure DNS to respond with a different IP depending on the requester source IP. Bind allow it using ACL. Do you know if it is possible to implement this feature on IPA integrated DNS?
thank you
On ti, 24 maalis 2020, Daniel PC via FreeIPA-users wrote:
I would like to configure DNS to respond with a different IP depending on the requester source IP. Bind allow it using ACL. Do you know if it is possible to implement this feature on IPA integrated DNS?
Can you show bind's equivalent configuration? Then we can discuss whether this is possible or not.
For one, FreeIPA's bind-dyndb-ldap does not support multiple views because all zones from IPA are represented as a single (default) view by bind-dyndb-ldap (that and there are other technical reasons which prevent implementing full multi-view support).
I confirm my configuration have something like:
view test1 { match-clients{ ...;}; };
view test2 { match-clients{ ...;}; };
Any suggestion as alternative to views?
Thank you
Was there any resolution to this question? I have the same need.
Specifically I a multi-homed host where the clients on each attached network should use their local address for the server and not one of the other subnets' addresses.
On Чцв, 23 кас 2025, Brian J. Murrell via FreeIPA-users wrote:
Was there any resolution to this question? I have the same need.
Specifically I a multi-homed host where the clients on each attached network should use their local address for the server and not one of the other subnets' addresses.
The original question was whether DNS views can be implemented with bind-dyndb-ldap. The answer stays no.
We do not support multi-homed IPA servers and not just on DNS level. Couple years ago I did a bit of investigation of what will need to be done to support those and it is not promising. You can read it at https://vda.li/en/posts/2023/08/16/Support-multi-homed-FreeIPA-Server/
freeipa-users@lists.fedorahosted.org
-
Alexander Bokovoy -
Brian J. Murrell -
Daniel PC