We use an extremely distributed setup where DNS is completely handled on the remote side. So we serve DNS in combination with an extra smart-proxy for that DNS server. The DNS server currently handles the forward and reverse zones without any delegation from an upstream DNS.
If we now configure the remote subnet with that smart proxy as Reverse DNS Proxy, we get a PTR-Record because Foreman uses the DNS-Server from its host machine to check for existing PTR records. The nameserver from the Foreman host also resolves the given subnet (private subnet).
Expected outcome:
Foreman should use the DNS-Server for the reverse zone for checking for reverse entries.
Correct, we also would expect that Foreman would rely on the Foreman proxy. Maybe it’s a good idea to have a setting to configure the behavior of Foreman at this point.
Possibly a setting but I want to consider DNS conflict resolution. Perhaps we should fully offload it to smart proxies and drop all conflict resolution from Foreman itself.
One thought is to implement a Smart Proxy DNS provider that only does conflict detection, but thinking about it, it’d be quite unnatural to use.
How much would people care about DNS conflict resolution if you’re not using DNS integration at all? Can we safely drop it?