IPA dynamic DNS updates only the AAAA record. Where are my A records?

centos6 sssd dynamic-dns freeipa

Solution 1:

After you have added 

ipa_dyndns_iface = eth0

in that pastebin i see sssd recognize your ip as multicast:

"(Tue Jul 9 10:00:01 2013) [sssd[be[example.us]]] [ok_for_dns] (0x0200): Multicast IPv4 address 172.25.50.227"

in the piece of code Jacob wrote where he would test for looback addresses, multicast addresses e.t.c. not to report to dns you will find your error:

if (IN_MULTICAST(ntohl(addr->s_addr))) {
        DEBUG(SSSDBG_FUNC_DATA, ("Multicast IPv4 address %s\n", straddr));
        return false;
    } else if (inet_netof(*addr) == IN_LOOPBACKNET) {
        DEBUG(SSSDBG_FUNC_DATA, ("Loopback IPv4 address %s\n", straddr));
        return false;
    } else if ((addr->s_addr & 0xffff0000) == 0xa9fe0000) {
        /* 169.254.0.0/16 */
        DEBUG(SSSDBG_FUNC_DATA, ("Link-local IPv4 address %s\n", straddr));
        return false;
    } else if (addr->s_addr == htonl(INADDR_BROADCAST)) {
        DEBUG(SSSDBG_FUNC_DATA, ("Broadcast IPv4 address %s\n", straddr));
        return false;
    }
} else {
    DEBUG(SSSDBG_CRIT_FAILURE, ("Unknown address family\n"));
    return false;
}

return true;

Now the question is why is it recognized as "multicast addr" i have no idea. As IN_MULTICAST in in.h you can see:

   "IN_MULTICAST(a)" - tests whether a is a multicast address. and it is in "inet.h/in.h":
   #define  IN_CLASSD(i)        (((long)(i) & 0xf0000000) == 0xe0000000)
   #define  IN_MULTICAST(i)     IN_CLASSD(i)

So how that IP Address evaluated to multicast, i would try to strace it and look. Also you could ask Jacob Hrozek, he wrote that piece of sssd code. He usually always available at #sssd on freenode, would be great if you'd share what you end up with on this. Hope it helps a little.

EDIT

Yeah, there is a bug in your version 1.9.2. You have: 

  if (IN_MULTICAST(addr->s_addr))) {

It should be:

  if (IN_MULTICAST(ntohl(addr->s_addr))) {

Solution 2:

From the sssd-ipa(5) manpage:

   ipa_dyndns_iface (string)
       Optional. Applicable only when ipa_dyndns_update is true. Choose the interface whose IP address should be used for dynamic DNS updates.

       Default: Use the IP address of the IPA LDAP connection

You must set ipa_dyndns_iface in /etc/sssd/sssd.conf to match the interface of the IPA server, as the default is to only use the address of the socket towards the IPA server:

ipa_dyndns_iface = eth0

That should enable dynamic updates for both IPv4 and IPv6.

Related

how to prevent cron logs from registering in syslog?
nginx terminates connection after 65k bytes
linux 802.1x on a windows wired network
What does the --master option ACTUALLY do in uwsgi?
firewalld not listing any active zones?
linux + lvextend vs lvresize - what are the differences
Can an IIS server have too much memory?
Azure backup vs Snapshots
How to install security patches on CentOS 7.x
Possible to get apache2 environment variable from command line?
As a user without admin privileges, how can I make my own postgres database?
Server freezes randomly for a few seconds