Unbound DNS & FreeIPA Location failover records.
-
HI Team.
I want to cut over a whole bunch of dev services from one network to another. (I'm upgrading office LAN for a startup). They are all bound to an instance of FreeIPA for authentication and dir services etc.
I want put a replica server in the new network, and setup "locations" so as I cut over the Servers and Containers, I don't need to update any LDAP mappings, from old to new, they just pick up the replica server on new network.
MY QUESTION IS.....
I need to add two zones for these records,
_kerberos-master._tcp.hive.swarm64.com. 86400 IN SRV 0 100 88 ipa2.hive.swarm64.com.
_kerberos-master._tcp.hive.swarm64.com. 86400 IN SRV 50 100 88 ipa1.hive.swarm64.com.
_kerberos-master._udp.hive.swarm64.com. 86400 IN SRV 0 100 88 ipa2.hive.swarm64.com.
_kerberos-master._udp.hive.swarm64.com. 86400 IN SRV 50 100 88 ipa1.hive.swarm64.com.
_kerberos._tcp.hive.swarm64.com. 86400 IN SRV 0 100 88 ipa2.hive.swarm64.com.
_kerberos._tcp.hive.swarm64.com. 86400 IN SRV 50 100 88 ipa1.hive.swarm64.com.
_kerberos._udp.hive.swarm64.com. 86400 IN SRV 0 100 88 ipa2.hive.swarm64.com.
_kerberos._udp.hive.swarm64.com. 86400 IN SRV 50 100 88 ipa1.hive.swarm64.com.
_kpasswd._tcp.hive.swarm64.com. 86400 IN SRV 0 100 464 ipa2.hive.swarm64.com.
_kpasswd._tcp.hive.swarm64.com. 86400 IN SRV 50 100 464 ipa1.hive.swarm64.com.
_kpasswd._udp.hive.swarm64.com. 86400 IN SRV 0 100 464 ipa2.hive.swarm64.com.
_kpasswd._udp.hive.swarm64.com. 86400 IN SRV 50 100 464 ipa1.hive.swarm64.com.
_ldap._tcp.hive.swarm64.com. 86400 IN SRV 0 100 389 ipa2.hive.swarm64.com.
_ldap._tcp.hive.swarm64.com. 86400 IN SRV 50 100 389 ipa1.hive.swarm64.com.
_ntp._udp.hive.swarm64.com. 86400 IN SRV 0 100 123 ipa2.hive.swarm64.com.
_ntp._udp.hive.swarm64.com. 86400 IN SRV 50 100 123 ipa1.hive.swarm64.com.I' a bit of a rank amateur with Unbound. (Or Bind.) I'm an ex-windows loser who is gradually making his way into the real world of open source. Can someone point me in the right direction for a guide on entering the zones and records?? I don't think this is do-able by the GUI??? Have given the pfSense book a look but its not 100% straightforward for meee.
Thanks legends
Mitch. -
RTFM: https://nlnetlabs.nl/documentation/unbound/unbound.conf/
-
So no do-able on PF-Sense web configurator??
-
@mitch_sullo said in Unbound DNS & FreeIPA Location failover records.:
So no do-able on PF-Sense web configurator??
Why not ?
Step 1 : bind;, unbound, whatever. You have a special request, so use the special request list : as cited : https://nlnetlabs.nl/documentation/unbound/unbound.conf/ : the unbound.conf config file.The "local-data" is the one that seems promising.
Checking out this lcoal-data bring you to this :
How do I get SRV records through Domain Override? -
@Gertjan Thanks man, very cool i'll check it out and let you know how I go
-
Hey all. Quite a few hours of mucking about and I got it workin!
Thanks for the help. Amazing.
