Dhcpd and Bind weirdness

Eirik Toft fingers at invisilan.net
Mon Jan 17 17:32:04 UTC 2005


Greetings;

I have Bind-9.2.1 and dhcpd 3.0p11 running on my Slackware box and have for
some time.

I have a few win2k clients and one XP client.  I've disabled the "Register
my connection" option on ALL client machines (this isn't really the problem,
but I know someone will ask about it).

It would seem that dhcpd is attempting dynamic updates, and only seems
successful with one client - the XP box.  It used to work for all of them.

When dhcpd attempts to update bind with any of the other clients, I get the
following message:

Jan 17 08:28:48.144 update: info: client 192.168.1.39#2388: updating zone
'invisilan.net/IN': update failed: 'RRset exists (value dependent)'
prerequisite not satisfied (NXRRSET)

Now, according to the RFC (I think after reading it), this means that the
client with this IP address already exists in bind and therefore was not
updated (Is there an interpreter for the RFC??).  Now, to add insult to
injury, the reverse lookup zonefile does get updated with the IP address
assigned to the aforementioned machines, just not the forward lookup
zonefile.

I've done everything, including delete the journal files and cleared out the
dhcpd.leases file to make sure no stale leases were floating around, and so
far none of it's worked.

Now, while the XP box does seem to work fully, I know it's not because of
XP - after all, dhcpd doesn't care who asks for an IP address, but I do know
that this box is new to the network and never registered through the
dhcpd-bind mechanism.

Lastly, let me say that I use Split DNS from my server, so that addresses
from the outside get different responses than addresses on the inside.

Here's a copy of the "internal" view from my DNS server:
view "internal" {
  match-clients { 192.168.1/24; };
  recursion yes;
  zone "." IN {
    type hint;
    file "zonefiles/named.ca";
  };

  zone "invisilan.net" IN {
    type master;
    file "zonefiles/invisilan.zone.inside";
    allow-update { key "letmein"; };
  };

  zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "zonefiles/reverse.zone.inside";
    allow-update { key "letmein"; };
  };
};

and the pertinent section from dhcpd.conf:

zone invisilan.net. {
  primary 127.0.0.1;
  key "letmein";
}
zone 1.168.192.in-addr.arpa. {
  primary 127.0.0.1;
  key "letmein";
}
ddns-update-style interim;

Anyone have any ideas?

Thanks again;

Eirik
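
Added example, not part of the original post: a small Python model of the RFC 2136 prerequisite named in the log line above, applied to the two-step forward update that "ddns-update-style interim" uses, where a TXT record guards a name against being overwritten by a DHCP client that does not own it. Host names, addresses and TXT values are constructed, and the exact prerequisite dhcpd sends in step 1 is an assumption.

```python
# Added example (not from the original post). Zone model:
# {owner name: {rrtype: set of rdata strings}}. All records are constructed.

def check_prereq(zone, kind, name, rrtype=None, rdata=()):
    """Evaluate one RFC 2136 prerequisite; return the rcode it yields."""
    rrsets = zone.get(name, {})
    if kind == "name-not-in-use":            # RFC 2136 section 2.4.5
        return "YXDOMAIN" if rrsets else "NOERROR"
    if kind == "rrset-exists-value":         # section 2.4.2: whole RRset must match
        return "NOERROR" if rrsets.get(rrtype) == set(rdata) else "NXRRSET"
    raise ValueError(f"unknown prerequisite: {kind}")

def interim_forward_update(zone, name, addr, dhcid):
    """Forward (A) update in the interim style; returns (rcode, applied)."""
    # Step 1 (assumption: modelled as "name is not in use"): claim a free name
    # by adding the A record plus a TXT record identifying the DHCP client.
    if check_prereq(zone, "name-not-in-use", name) == "NOERROR":
        zone[name] = {"A": {addr}, "TXT": {dhcid}}
        return "NOERROR", True
    # Step 2: the name exists, so replace its A record only if the TXT RRset
    # is exactly this client's identifier. Otherwise the server refuses.
    rcode = check_prereq(zone, "rrset-exists-value", name, "TXT", [dhcid])
    if rcode == "NOERROR":
        zone[name]["A"] = {addr}
    return rcode, rcode == "NOERROR"

def demo():
    zone = {  # constructed forward-zone contents
        "oldpc.invisilan.net.": {"A": {"192.168.1.20"}},  # A record, no TXT
        "laptop.invisilan.net.": {"A": {"192.168.1.21"}, "TXT": {"id-laptop"}},
    }
    results = {
        "new name": interim_forward_update(
            zone, "newbox.invisilan.net.", "192.168.1.50", "id-newbox"),
        "A without TXT": interim_forward_update(
            zone, "oldpc.invisilan.net.", "192.168.1.39", "id-oldpc"),
        "matching TXT": interim_forward_update(
            zone, "laptop.invisilan.net.", "192.168.1.60", "id-laptop"),
        "foreign TXT": interim_forward_update(
            zone, "laptop.invisilan.net.", "192.168.1.61", "id-other"),
    }
    return zone, results

if __name__ == "__main__":
    for case, outcome in demo()[1].items():
        print(f"{case:15} -> {outcome}")
```

In this model the "A without TXT" and "foreign TXT" cases both return NXRRSET, the rcode shown in the log line above.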




More information about the bind-users mailing list