Short tip: FreeIPA looses global DNS forwarder

Recently I found out that Red Hat Identity Management (IdM) and FreeIPA tend to forgot their global DNS configuration after some upgrades. In my case, the global DNS forwarder configuration was dropped forcing external lookups to fail:

$ ipa dnsconfig-show
---------------------------------
Global DNS configuration is empty
---------------------------------
  IPA DNS servers: giertz.shittyrobots.loc, jason.shittyrobots.loc
$ dig +short packages.gitlab.com

Using the ipa dnsconfig-mod command, it is easy to configure this setting again:

$ ipa dnsconfig-mod --forwarder=8.8.8.8
Server will check DNS forwarder(s).
This may take some time, please wait ...

Afterwards the configuration is updated and DNS lookups should work as before:

$ ipa dnsconfig-show
  Global forwarders: 8.8.8.8
  IPA DNS servers: giertz.shittyrobots.loc, jason.shittyrobots.loc
$ dig +short packages.gitlab.com
54.153.54.194

Sharing is caring

Leave a Reply