Short tip: FreeIPA looses global DNS forwarder
Recently I found out that Red Hat Identity Management (IdM) and FreeIPA tend to forgot their global DNS configuration after some upgrades. In my case, the global DNS forwarder configuration was dropped forcing external lookups to fail:
1$ ipa dnsconfig-show
2---------------------------------
3Global DNS configuration is empty
4---------------------------------
5 IPA DNS servers: giertz.shittyrobots.loc, jason.shittyrobots.loc
6
7$ dig +short packages.gitlab.com
Using the ipa dnsconfig-mod command, it is easy to configure this setting again:
1$ ipa dnsconfig-mod --forwarder=8.8.8.8
2Server will check DNS forwarder(s).
3This may take some time, please wait ...
Afterwards the configuration is updated and DNS lookups should work as before:
1$ ipa dnsconfig-show
2 Global forwarders: 8.8.8.8
3 IPA DNS servers: giertz.shittyrobots.loc, jason.shittyrobots.loc
4
5$ dig +short packages.gitlab.com
654.153.54.194