#3575 ipa-server-install does not properly handle dual stacked hosts
Closed: Fixed None Opened 10 years ago by mkosek.

Ticket was cloned from Red Hat Bugzilla (product Fedora): Bug 952676

Description of problem:
When running the installer on a dual stacked system, the user is presented with
the following question:

 The server hostname resolves to more than one address:
   yyyy:yyyy:yyyy:yyyy::4
   xxx.xxx.xxx.180
 Please provide the IP address to be used for this host name:

The actual answer to this question seems to be ignored - the installer seems to
successfully configure FreeIPA listening on both v4 and v6 addresses.

Additionally, the zone file suggested by FreeIPA does not contain a AAAA
record. This is incorrect.
Version-Release number of selected component (if applicable):
3.1.3

How reproducible:
Always

Steps to Reproduce:
1. Configure IPv4 and IPv6 fully on a host
2. Install FreeIPA

Actual results:
Spurious question presented, zone file does not contain quad AAA record.

Expected results:
Installer should recognise dual-stacked configuration and generate a AAAA
record in the zone file.

Additional info:

Prometheus% telnet ds 389
Trying xxxx:xxx:x:xxx::4...
Connected to ds.
Escape character is '^]'.

[root@ds ~]# netstat -a | grep -i listen
tcp        0      0 *:kerberos              *:*                     LISTEN
tcp        0      0 *:kerberos-adm          *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:kpasswd               *:*                     LISTEN
tcp6       0      0 [::]:kerberos           [::]:*                  LISTEN
tcp6       0      0 [::]:https              [::]:*                  LISTEN
tcp6       0      0 [::]:ldaps              [::]:*                  LISTEN
tcp6       0      0 [::]:ldap               [::]:*                  LISTEN
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN
tcp6       0      0 [::]:webcache           [::]:*                  LISTEN
tcp6       0      0 [::]:http               [::]:*                  LISTEN
tcp6       0      0 [::]:kpasswd            [::]:*                  LISTEN

Related bug for ipa-client-install: #4249


Related to #3338.

We should only force people to pass --ip-address if the hostname is not resolvable. If it is and no --ip-address is given, we should just use standard resolution to find out all addresses and use them as forward records.

Need changes to the installer to explain why we are asking for this.

This issue was also reported in https://bugzilla.redhat.com/show_bug.cgi?id=1125415 and blocks some of the other development - moving to NEEDS TRIAGE to re-prioritize.

Stephen will need this for F22, but as Simo noted, this is a nasty one - we should fix earlier.

The patch now depends on freeipa-dkupka-0012 as both modifies the same part of code.

Patch hits code which is changing now.

master:

  • 947c739 Detect and configure all usable IP addresses.

ipa-4-1:

  • 579b614 Detect and configure all usable IP addresses.

master:

  • 47731f4 Fix printing of reverse zones in ipa-dns-install.

ipa-4-1:

  • 7e5a71d Fix printing of reverse zones in ipa-dns-install.

Metadata Update from @mkosek:
- Issue assigned to dkupka
- Issue set to the milestone: FreeIPA 4.1

6 years ago

Login to comment on this ticket.

Metadata