Failed to add multiple zone-transfer addresses in IdM managed DNS zone

Solution Verified - Updated -

Issue

  • Need to allow zone transfers for an IdM-managed DNS zone to multiple IP addresses: 192.168.10.20 and 192.168.30.40
  • Followed the example in the Product Documentation [1] to enable zone transfers from the command line: ipa dnszone-mod example.com. --allow-transfer=192.168.10.20;192.168.30.40
  • Only one IP address was added successfully

    # ipa dnszone-mod example.com. --allow-transfer=192.168.10.20;192.168.30.40
    Zone name: example.com.
    Active zone: TRUE
    Authoritative nameserver: ipa.example.com.
    Administrator e-mail address: hostmaster.example.com.
    SOA serial: 1602066022
    SOA refresh: 3600
    SOA retry: 900
    SOA expire: 1209600
    SOA minimum: 3600
    Allow query: any;
    Allow transfer: 192.168.10.20;             <=== Only one IP address was added
    
  • Multiple IP addresses can be added successfully via the Web UI


  1. Linux Domain Identity, Authentication, and Policy Guide: 33.4.3. Enabling Zone Transfers
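The symptom above matches how a POSIX shell parses an unquoted `;`: it ends the command there, so only the text before it is passed as an argument. The following is an added example, not part of the original article or of the ipa client. `received_acl`, `unquoted_acl`, `quoted_acl` and `missing_from_acl` are hypothetical helpers, and the sample output is taken from the listing above.

```shell
#!/bin/sh
# Stand-in for the client (hypothetical helper, the real ipa command is not
# invoked): prints the --allow-transfer value the process actually receives.
received_acl() {
    for arg in "$@"; do
        case $arg in
            --allow-transfer=*) printf '%s\n' "${arg#--allow-transfer=}" ;;
        esac
    done
}

# Unquoted, as typed in the issue: the shell ends the command at ';' and then
# tries to run 192.168.30.40 as a second command, which fails (not found).
unquoted_acl() {
    received_acl dnszone-mod example.com. --allow-transfer=192.168.10.20;192.168.30.40 2>/dev/null || true
}

# Quoted: the whole list reaches the command as a single argument.
quoted_acl() {
    received_acl dnszone-mod example.com. '--allow-transfer=192.168.10.20;192.168.30.40'
}

# Check the "Allow transfer:" line of dnszone-mod/dnszone-show output against
# the intended addresses; prints every intended address that is missing.
missing_from_acl() {
    output=$1; shift
    applied=$(printf '%s\n' "$output" | sed -n 's/^ *Allow transfer: *\([^ ]*\).*/\1/p')
    for ip in "$@"; do
        case ";$applied" in
            *";$ip;"*) ;;                    # present in the applied ACL
            *) printf '%s\n' "$ip" ;;        # intended but not applied
        esac
    done
}

# Sample input: two lines from the command output shown in the issue.
SAMPLE_OUTPUT='  Zone name: example.com.
  Allow transfer: 192.168.10.20;'

echo "unquoted argument: $(unquoted_acl)"
echo "quoted argument:   $(quoted_acl)"
echo "missing from ACL:  $(missing_from_acl "$SAMPLE_OUTPUT" 192.168.10.20 192.168.30.40)"
```

Running `missing_from_acl` against the output of every zone-transfer change confirms that the ACL stored for the zone is the one that was intended.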

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • Red Hat Identity Management (IdM) / FreeIPA
    • ipa-server
    • ipa-server-dns
    • bind-pkcs11 / named-pkcs11.service
