View Issue Details

IDProjectCategoryView StatusLast Update
0017761CentOS-8ipapublic2020-09-29 10:56
Reportergtuminauskas 
PrioritynormalSeveritytweakReproducibilityalways
Status newResolutionopen 
Product Version8.2.2004 
Target VersionFixed in Version 
Summary0017761: Set allow-recursion by default in IPA DNS
Descriptionnamed service has missing option:
```
// Any host is permitted to issue recursive queries
    allow-recursion { any; };
```


This is the same bug, which was fixed many years ago
https://pagure.io/freeipa/issue/1335
https://bugzilla.redhat.com/show_bug.cgi?id=713798

Steps To ReproduceQuery originator: 10.1.1.2/24
IDM/Named: 10.1.2.2/24
When checking a DNS 'A' record from a different subnet than the IDM server resides, it answers only for zones which it has locally
Named does not answer queries returned by global forwarders to other local subnets
Additional Information# rpm -qi ipa-server | head
Name : ipa-server
Version : 4.8.4
Release : 7.module_el8.2.0+374+0d2d74a1
Architecture: x86_64
Install Date: Mon 28 Sep 2020 10:07:57 AM EEST
Group : Unspecified
Size : 1082187
License : GPLv3+
Signature : RSA/SHA256, Sun 31 May 2020 12:28:39 AM EEST, Key ID 05b555b38483c65d
Source RPM : ipa-4.8.4-7.module_el8.2.0+374+0d2d74a1.src.rpm

# uname -srvmpio
Linux 4.18.0-193.19.1.el8_2.x86_64 #1 SMP Mon Sep 14 14:37:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Tags"freeipa", "ipa", "named"

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2020-09-29 10:56 gtuminauskas New Issue
2020-09-29 10:56 gtuminauskas Tag Attached: "freeipa"
2020-09-29 10:56 gtuminauskas Tag Attached: "ipa"
2020-09-29 10:56 gtuminauskas Tag Attached: "named"