
8.9. Adding Records to DNS Zones

FreeIPA supports several different types of DNS records, listed in Table 8.4, “DNS Record Types”.
Table 8.4. DNS Record Types
A       DNAME   NAPTR   SIG
AAAA    DS      NS      SPF
A6      KX      NSEC    SRV
AFSDB   LOC     PTR     SSHFP
CERT    MX      RRSIG   TXT
CNAME

8.9.1. Adding DNS Resource Records from the Web UI

  1. Open the Identity tab, and select the DNS subtab.
  2. Click the name of the DNS zone to which to add records.
  3. In the DNS Resource Records tab, click the Add link.
  4. Select the type of record to create in the Record Type drop-down menu. The type of record affects the information that is required in the Record Name and Data fields.
    Although FreeIPA supports many different record types, four record types are used most frequently:
    • IPv4. This is a basic map for a hostname and an ordinary IPv4 address. The Record Name is a hostname, such as www. The Data is a standard IPv4 address, such as 192.168.1.2.
      More information about A records is in RFC 1035.
    • IPv6. This is a basic map for a hostname and an IPv6 address. The Record Name is a hostname, such as www. The Data is a standard hexadecimal IPv6 address, such as fe80::20c:29ff:fe02:a1b3.
      More information about AAAA records is in RFC 3596.
    • SRV. Service (SRV) resource records map service names to the DNS name of the server that is providing that particular service. The Record Name has the format _service._protocol, such as _ldap._tcp. The Data value sets the priority, weight, port number, and hostname for the target service. For example, 0 100 389 ldap.example.com.
      More information about SRV records is in RFC 2782.
    • PTR. A pointer (PTR) record adds a reverse DNS record, which maps an IP address to a domain name. In this case, the Record Name is the record ID number for the DNS entry of the resource and the Data value is the hostname with a terminal period, such as server.example.com..
      More information about PTR records is in RFC 1035.
  5. Click the Add button to save the new resource record.

8.9.2. Adding DNS Resource Records from the Command Line

The ipa dnsrecord-add command adds records to DNS zones, based on the type. Every record is added with the same basic command format:
$ ipa dnsrecord-add domainName recordName --recordType-rec record
The recordType is an identifier, such as a for A or IPv4 records. The record value is the actual entry, which has a value corresponding to the record type.

NOTE

The ipa dnsrecord-add command only creates forward entries, not reverse entries.
Example 8.3. IPv4 Record
Type A resource records map hostnames to IPv4 addresses. The record value for these commands, then, is a standard IPv4 address. The URL label is usually www.
$ ipa dnsrecord-add example.com www --a-rec 10.64.14.165
This creates the record www.example.com with the IP address 10.64.14.165.
More information about A records is in RFC 1035.

Example 8.4. IPv6 Record
Type AAAA resource records (quad-A records) map hostnames to IPv6 addresses. The record value for these commands is an IPv6 address. As with Type A records, the URL label is usually www.
$ ipa dnsrecord-add example.com www --aaaa-rec fe80::20c:29ff:fe02:a1b3
This creates the record www.example.com with the IP address fe80::20c:29ff:fe02:a1b3.
More information about AAAA records is in RFC 3596.

Example 8.5. SRV Record
Service (SRV) resource records map service names to the DNS name of the server that is providing that particular service. For example, this record type can map a service like an LDAP directory to the DNS server which manages it.
As with Type A and Type AAAA records, SRV records specify a way to connect to and identify the service, but the record format is different.
The recordName identifies the service type and the connection protocol, in the format _service._protocol.
The record information has the format "priority weight port target".
$ ipa dnsrecord-add server.example.com _ldap._tcp --srv-rec="0 100 389 server1.example.com" 

$ ipa dnsrecord-add server.example.com _ldap._tcp --srv-rec="1 100 389 server2.example.com"
More information about SRV records is in RFC 2782.

Example 8.6. PTR Record
A pointer (PTR) record adds a reverse DNS record, which maps an IP address to a domain name, rather than the other way around.
All reverse DNS lookups for IPv4 addresses use reverse entries that are defined in the in-addr.arpa. domain. The reverse address, in human-readable form, is the exact reverse of the regular IP address, with the in-addr.arpa. domain appended to it. For example, for the IP address 192.0.1.2, the reverse address is 2.1.0.192.in-addr.arpa.
When adding the reverse DNS record, the format of the dnsrecord-add command is also reversed, compared to the usage for adding regular DNS entries:
$ ipa dnsrecord-add reverseIpAddress recordId --ptr-rec FQDN
The recordId is the numeric identifier to use for the entry in the zone.
For example, this adds a record with an ID of 4 for server2.example.com:
$ ipa dnsrecord-add 2.1.0.192.in-addr.arpa 4 --ptr-rec server2.example.com.
More information about PTR records is in RFC 1035.
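
The reverse-name rule from Example 8.6, as an added example that is not part of the FreeIPA documentation: a POSIX shell helper that validates an IPv4 address and prints the matching A and PTR dnsrecord-add commands, so the forward and reverse entries are created as a pair. It assumes the reverse zone covers a /24 (zone name is the first three octets reversed, record name is the last octet); the function names and sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example: print matching forward (A) and reverse (PTR) commands.
# Assumption: the reverse zone covers a /24, so the zone name is the first
# three octets reversed and the record name is the last octet.

# reverse_parts IPV4 -> "ZONE RECORD", e.g. "1.0.192.in-addr.arpa 2"
reverse_parts() {
    ip=$1
    # Only digits and single dots; no leading or trailing dot.
    case $ip in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip                      # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    printf '%s.%s.%s.in-addr.arpa %s\n' "$3" "$2" "$1" "$4"
}

# dns_pair_commands FQDN IPV4 ZONE -> the two ipa commands, one per line
dns_pair_commands() {
    fqdn=${1%.}; addr=$2; zone=${3%.}
    host=${fqdn%."$zone"}
    [ "$host" != "$fqdn" ] || return 1      # FQDN must sit inside ZONE
    parts=$(reverse_parts "$addr") || return 1
    rzone=${parts% *}; rec=${parts#* }
    printf 'ipa dnsrecord-add %s %s --a-rec %s\n' "$zone" "$host" "$addr"
    # PTR data is the hostname with a terminal period.
    printf 'ipa dnsrecord-add %s %s --ptr-rec %s.\n' "$rzone" "$rec" "$fqdn"
}

# Constructed sample values, reusing names from the examples above.
dns_pair_commands server2.example.com 192.0.1.4 example.com
```

Review the printed commands before running them; a malformed address or a hostname outside the given zone makes the function return non-zero and print nothing.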

NOTE

Reverse zones can also be configured for IPv6 addresses, with zones in the .ip6.arpa. domain. For more information about IPv6 reverse zones, see RFC 3596.