Looking for a pointer on getting reverse mapping with DDNS to work with DHCPD & Named.

Jim Bucks jbucks at coloradostudios.com
Fri Mar 29 14:57:07 UTC 2013


On Fri, Mar 29, 2013 at 6:39 AM, Mark Elkins <mje at posix.co.za> wrote:

> Try using a more simple MD5, short key.
>
> Seem to remember that DHCP doesn't like non-MD5 keys (eg SHA)
> There was also some sort of length bug? - try 128 bit length.
>
> On Fri, 2013-03-29 at 06:19 -0600, Jim Bucks wrote:
> > After working on this some more overnight.....
> >
> > I can add records interactively via nsupdate (as shown below).  But,
> > cannot get the same results from an ipconfig /release & /renew from a
> > workstation.  I am totally stumped at this point.
> >
> > Any ideas (and yes, I did do over the "semicomplete" URL provided
> > by ?Alex?").  The only difference I can see is that I used a 512 bit
> > key vs the examples 128bit key. And, I'm using a slaves/ directory vs
> > internal/ directory for the "zones" files.
> >
> > Jim
> >
> >
> > INTERACTIVE WORKS
> > ------------------------------------
> > [root at dns04 chroot]# nsupdate
> > > server 127.0.0.1
> > > key DHCP_UPDATER TrlaHSJXel+L5hqtfev5Gdlwj7B
> > +HqcXQiqXMdZ/8mGXhznkRXf6yMDaQ9rXbx45gFgVpW7PFRHXGsZfUKrFlw==
> > > update add 101.20.10.172.in-addr.arpa. 3600 in ptr
> > proccilap.dhcp.coloradostudios.com.
> > >
> > > update add proccilap.dhcp.coloradostudios.com. 86400 a 171.10.20.101
> > >
> > >
> >
> > [root at dns04 slaves]# ll
> > total 24
> > -rw-r--r-- 1 named named  400 Mar 28 15:08 db.172.10.20
> > -rw-r--r-- 1 named named  792 Mar 29 05:54 db.172.10.20.jnl
> > -rwxrwx--- 1 named named 7346 Feb 15 09:06 db.den.coloradostudios.com
> > -rwxrwx--- 1 named named  362 Mar 28 13:41 db.dhcp.coloradostudios.com
> > -rw-r--r-- 1 named named  782 Mar 29 05:56
> > db.dhcp.coloradostudios.com.jnl
> > [root at dns04 slaves]#
> >
> >
> >
> > [root at dns04 chroot]# rndc freeze
> > [root at dns04 chroot]# rndc thaw
> >
> >
> > [root at dns04 slaves]# ll
> > total 16
> > -rw-r--r-- 1 named named  433 Mar 29 05:58 db.172.10.20
> > -rwxrwx--- 1 named named 7346 Feb 15 09:06 db.den.coloradostudios.com
> > -rw-r--r-- 1 named named  381 Mar 29 05:58 db.dhcp.coloradostudios.com
> > [root at dns04 slaves]#
> >
> >
> > [root at dns04 slaves]# cat db.172.10.20
> > $ORIGIN .
> > $TTL 86400    ; 1 day
> > 20.10.172.in-addr.arpa    IN SOA    dns04.coloradostudios.com.
> > sysmgr.hd.net. (
> >                 2013032605 ; serial
> >                 10800      ; refresh (3 hours)
> >                 3600       ; retry (1 hour)
> >                 604800     ; expire (1 week)
> >                 86400      ; minimum (1 day)
> >                 )
> >             NS    dns04.den.coloradostudios.com.
> > $ORIGIN 20.10.172.in-addr.arpa.
> > $TTL 3600    ; 1 hour
> > 101            PTR    proccilap.dhcp.coloradostudios.com.
> >
> >
> > [root at dns04 slaves]# cat db.dhcp.coloradostudios.com
> > $ORIGIN .
> > $TTL 86400    ; 1 day
> > dhcp.coloradostudios.com IN SOA    dns04.coloradostudios.com.
> > sysmgr.axs.tv. (
> >                 2013032804 ; serial
> >                 10800      ; refresh (3 hours)
> >                 3600       ; retry (1 hour)
> >                 604800     ; expire (1 week)
> >                 86400      ; minimum (1 day)
> >                 )
> >             NS    dns04.coloradostudios.com.
> > $ORIGIN dhcp.coloradostudios.com.
> > proccilap        A    171.10.20.101
> > [root at dns04 slaves]#
> >
> >
> > IPCONFIG /RELEASE & /RENEW DOES NOT WORK
> >
> > --------------------------------------------------------------------------------
> > Mar 29 06:10:33 dns04 dhcpd: Wrote 2 leases to leases file.
> > Mar 29 06:10:33 dns04 dhcpd: DHCPRELEASE of 172.10.20.101 from
> > 00:0b:cd:33:b6:49 (proccilapxp) via eth1 (found)
> > Mar 29 06:10:43 dns04 dhcpd: DHCPDISCOVER from 00:0b:cd:33:b6:49 via
> > eth1
> > Mar 29 06:10:44 dns04 dhcpd: DHCPOFFER on 172.10.20.101 to
> > 00:0b:cd:33:b6:49 (proccilapxp) via eth1
> > Mar 29 06:10:44 dns04 dhcpd: Unable to add forward map from
> > dhcp-172-10-20-101.coloradostudios.com to 172.10.20.101: timed out
> > Mar 29 06:10:44 dns04 dhcpd: DHCPREQUEST for 172.10.20.101
> > (172.10.5.5) from 00:0b:cd:33:b6:49 (proccilapxp) via eth1
> > Mar 29 06:10:44 dns04 dhcpd: DHCPACK on 172.10.20.101 to
> > 00:0b:cd:33:b6:49 (proccilapxp) via eth1
> >
>

Hi Mark (and Steven Carr),

I just noticed (it has been there all along) that the subdomain is not
showing up in the "automated" unable to line.

    I want it to add        dhcp-172-10-20-101.dhcp.coloradostudios.com
    but it's trying to add  dhcp-172-10-20-101.coloradostudios.com

I'm not seeing much of a difference on the output / log files.

I added    OPTIONS="-4 -d 99"    to my /etc/sysconfig/named file.

I added    log-facility local0;    to my /etc/dhcpd.conf file.

I added    local0.debug   /var/log/dhcp/dhcpd.log    to my
/etc/rsyslog.conf (and killall -1 rsyslogd).

I also started a tcpdump on the DNS /DHCP server.


/var/log/messages
Mar 29 08:00:44 dns04 named-sdb[9007]: received control channel command
'stop'
Mar 29 08:00:44 dns04 named-sdb[9007]: shutting down: flushing changes
Mar 29 08:00:44 dns04 named-sdb[9007]: stopping command channel on
127.0.0.1#953
Mar 29 08:00:44 dns04 named-sdb[9007]: no longer listening on 127.0.0.1#53
Mar 29 08:00:44 dns04 named-sdb[9007]: exiting
Mar 29 08:00:46 dns04 named-sdb[9161]: starting BIND
9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6.3 -u named -4 -d 99 -t /var/named/chroot
Mar 29 08:00:46 dns04 named-sdb[9161]: built with
'--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu'
'--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr'
'--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin'
'--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include'
'--libdir=/usr/lib64' '--libexecdir=/usr/libexec'
'--sharedstatedir=/var/lib' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var'
'--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static'
'--disable-openssl-version-check' '--with-dlz-ldap=yes'
'--with-dlz-postgres=yes' '--with-dlz-mysql=yes'
'--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego'
'--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets'
'--enable-fixed-rrset' 'build_alias=x86_64-redhat-linux-gnu'
'host_alias=x86_64-redhat-linux-gnu' 'target_alias=x86_64-redhat-linux-gnu'
'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' 'CPPFLAGS=
-DDIG_SIGCHASE'
Mar 29 08:00:46 dns04 named-sdb[9161]:
----------------------------------------------------
Mar 29 08:00:46 dns04 named-sdb[9161]: BIND 9 is maintained by Internet
Systems Consortium,
Mar 29 08:00:46 dns04 named-sdb[9161]: Inc. (ISC), a non-profit 501(c)(3)
public-benefit
Mar 29 08:00:46 dns04 named-sdb[9161]: corporation.  Support and training
for BIND 9 are
Mar 29 08:00:46 dns04 named-sdb[9161]: available at
https://www.isc.org/support
Mar 29 08:00:46 dns04 named-sdb[9161]:
----------------------------------------------------
Mar 29 08:00:46 dns04 named-sdb[9161]: adjusted limit on open files from
4096 to 1048576
Mar 29 08:00:46 dns04 named-sdb[9161]: found 4 CPUs, using 4 worker threads
Mar 29 08:00:46 dns04 named-sdb[9161]: using up to 4096 sockets
Mar 29 08:00:46 dns04 named-sdb[9161]: SDB ldap zone database module loaded.
Mar 29 08:00:46 dns04 named-sdb[9161]: SDB postgreSQL DB zone database
module loaded.
Mar 29 08:00:46 dns04 named-sdb[9161]: SDB sqlite3 DB zone database module
loaded.
Mar 29 08:00:46 dns04 named-sdb[9161]: SDB directory DB zone database
module loaded.
Mar 29 08:00:46 dns04 named-sdb[9161]: loading configuration from
'/etc/named.conf'
Mar 29 08:00:46 dns04 named-sdb[9161]: using default UDP/IPv4 port range:
[1024, 65535]
Mar 29 08:00:46 dns04 named-sdb[9161]: using default UDP/IPv6 port range:
[1024, 65535]
Mar 29 08:00:46 dns04 named-sdb[9161]: no IPv6 interfaces found
Mar 29 08:00:46 dns04 named-sdb[9161]: listening on IPv4 interface lo,
127.0.0.1#53
Mar 29 08:00:46 dns04 named-sdb[9161]: generating session key for dynamic
DNS
Mar 29 08:00:46 dns04 named-sdb[9161]: sizing zone task pool based on 8
zones
Mar 29 08:00:46 dns04 named-sdb[9161]: set up managed keys zone for view
internal, file
'dynamic/3bed2cb3a3acf7b6a8ef408420cc682d5520e26976d354254f528c965612054f.mkeys'
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
10.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
16.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
17.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
18.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
19.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
20.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
21.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
22.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
23.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
24.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
25.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
26.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
27.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
28.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
29.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
30.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
31.172.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
168.192.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
127.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
254.169.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
2.0.192.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
100.51.198.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
113.0.203.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
255.255.255.255.IN-ADDR.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
D.F.IP6.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
8.E.F.IP6.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
9.E.F.IP6.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
A.E.F.IP6.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
B.E.F.IP6.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: automatic empty zone: view internal:
8.B.D.0.1.0.0.2.IP6.ARPA
Mar 29 08:00:46 dns04 named-sdb[9161]: command channel listening on
127.0.0.1#953
Mar 29 08:00:46 dns04 named-sdb[9161]: zone 0.in-addr.arpa/IN/internal:
loaded serial 0
Mar 29 08:00:46 dns04 named-sdb[9161]: zone
1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
Mar 29 08:00:46 dns04 named-sdb[9161]: zone
20.10.172.in-addr.arpa/IN/internal: loaded serial 2013032605
Mar 29 08:00:46 dns04 named-sdb[9161]: zone
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal:
loaded serial 0
Mar 29 08:00:46 dns04 named-sdb[9161]: zone
dhcp.coloradostudios.com/IN/internal: loaded serial 2013032804
Mar 29 08:00:46 dns04 named-sdb[9161]: zone
localhost.localdomain/IN/internal: loaded serial 0
Mar 29 08:00:46 dns04 named-sdb[9161]: zone localhost/IN/internal: loaded
serial 0
Mar 29 08:00:46 dns04 named-sdb[9161]: managed-keys-zone ./IN/internal:
loaded serial 0
Mar 29 08:00:46 dns04 named-sdb[9161]: running
Mar 29 08:00:46 dns04 named-sdb[9161]: zone
20.10.172.in-addr.arpa/IN/internal: sending notifies (serial 2013032605)



Mar 29 08:01:29 dns04 dhcpd: DHCPRELEASE of 172.10.20.101 from
00:0b:cd:33:b6:49 (proccilapxp) via eth1 (found)



Mar 29 08:01:43 dns04 dhcpd: DHCPDISCOVER from 00:0b:cd:33:b6:49 via eth1
Mar 29 08:01:44 dns04 dhcpd: DHCPOFFER on 172.10.20.101 to
00:0b:cd:33:b6:49 (proccilapxp) via eth1
Mar 29 08:01:44 dns04 dhcpd: Unable to add forward map from
dhcp-172-10-20-101.coloradostudios.com to 172.10.20.101: timed out
Mar 29 08:01:44 dns04 dhcpd: DHCPREQUEST for 172.10.20.101 (172.10.5.5)
from 00:0b:cd:33:b6:49 (proccilapxp) via eth1
Mar 29 08:01:44 dns04 dhcpd: DHCPACK on 172.10.20.101 to 00:0b:cd:33:b6:49
(proccilapxp) via eth1



/var/log/dhcp/dhcpd.log
Mar 29 07:40:02 dns04 dhcpd: Wrote 2 leases to leases file.
Mar 29 07:40:02 dns04 dhcpd: Listening on LPF/eth1/5c:f3:fc:27:05:55/
172.10.0.0/16
Mar 29 07:40:02 dns04 dhcpd: Sending on   LPF/eth1/5c:f3:fc:27:05:55/
172.10.0.0/16
Mar 29 07:40:02 dns04 dhcpd: Sending on   Socket/fallback/fallback-net
Mar 29 07:40:34 dns04 dhcpd: DHCPRELEASE of 172.10.20.101 from
00:0b:cd:33:b6:49 (proccilapxp) via eth1 (found)
Mar 29 07:40:40 dns04 dhcpd: DHCPDISCOVER from 00:0b:cd:33:b6:49 via eth1
Mar 29 07:40:41 dns04 dhcpd: DHCPOFFER on 172.10.20.101 to
00:0b:cd:33:b6:49 (proccilapxp) via eth1
Mar 29 07:40:41 dns04 dhcpd: Unable to add forward map from
dhcp-172-10-20-101.coloradostudios.com to 172.10.20.101: timed out
Mar 29 07:40:41 dns04 dhcpd: DHCPREQUEST for 172.10.20.101 (172.10.5.5)
from 00:0b:cd:33:b6:49 (proccilapxp) via eth1
Mar 29 07:40:41 dns04 dhcpd: DHCPACK on 172.10.20.101 to 00:0b:cd:33:b6:49
(proccilapxp) via eth1


tcpdump  -n -i eth1
07:57:45.701316 IP6 fe80::6eae:8bff:fe63:bad6.dhcpv6-client >
ff02::1:2.dhcpv6-server: dhcp6 solicit
07:59:55.497382 IP6 fe80::6eae:8bff:fe63:bad6.dhcpv6-client >
ff02::1:2.dhcpv6-server: dhcp6 solicit
08:00:52.120887 IP6 fe80::6eae:8bff:fe63:bad6.svrloc > ff01::123.svrloc:
UDP, length 49
08:00:52.121442 IP 172.10.20.102.svrloc > 239.255.255.253.svrloc: UDP,
length 49
08:01:07.122255 IP6 fe80::6eae:8bff:fe63:bad6.svrloc > ff01::123.svrloc:
UDP, length 49
08:01:07.122585 IP 172.10.20.102.svrloc > 239.255.255.253.svrloc: UDP,
length 49
08:01:22.123261 IP6 fe80::6eae:8bff:fe63:bad6.svrloc > ff01::123.svrloc:
UDP, length 49
08:01:22.123608 IP 172.10.20.102.svrloc > 239.255.255.253.svrloc: UDP,
length 49
08:01:29.848705 ARP, Request who-has 172.10.5.5 tell 172.10.20.101, length
46
08:01:29.848726 ARP, Reply 172.10.5.5 is-at 5c:f3:fc:27:05:55, length 28
08:01:29.848893 IP 172.10.20.101.bootpc > 172.10.5.5.bootps: BOOTP/DHCP,
Request from 00:0b:cd:33:b6:49, length 300
08:01:43.499840 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:0b:cd:33:b6:49, length 300
08:01:43.500013 IP 172.10.5.5 > 172.10.20.101: ICMP echo request, id 40559,
seq 0, length 28
08:01:44.000658 IP 172.10.5.5.bootps > 172.10.20.101.bootpc: BOOTP/DHCP,
Reply, length 300
08:01:44.001824 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:0b:cd:33:b6:49, length 342
08:01:44.196244 IP 172.10.5.5.bootps > 172.10.20.101.bootpc: BOOTP/DHCP,
Reply, length 332
08:01:44.223426 ARP, Request who-has 172.10.20.101 tell 172.10.20.101,
length 46
08:01:44.817823 ARP, Request who-has 172.10.20.101 tell 172.10.20.101,
length 46
08:01:45.819284 ARP, Request who-has 172.10.20.101 tell 172.10.20.101,
length 46
08:01:46.871648 ARP, Request who-has 172.10.5.1 tell 172.10.20.101, length
46
08:01:46.895128 IP 172.10.20.101 > 224.0.0.22: igmp v3 report, 1 group
record(s)
08:01:47.822225 IP 172.10.20.101 > 224.0.0.22: igmp v3 report, 1 group
record(s)
08:01:49.149708 IP6 fe80::6eae:8bff:fe63:bad6.dhcpv6-client >
ff02::1:2.dhcpv6-server: dhcp6 solicit
08:01:51.855284 ARP, Request who-has 172.10.5.1 tell 172.10.20.101, length
46
08:01:55.841902 ARP, Request who-has 172.10.5.1 tell 172.10.20.101, length
46
08:03:47.232794 IP6 fe80::6eae:8bff:fe63:bad6.dhcpv6-client >
ff02::1:2.dhcpv6-server: dhcp6 solicit
08:05:35.836693 IP6 fe80::6eae:8bff:fe63:bad6.dhcpv6-client >
ff02::1:2.dhcpv6-server: dhcp6 solicit
08:05:40.982237 ARP, Request who-has 172.10.5.1 tell 172.10.20.101, length
46
08:05:47.859964 ARP, Request who-has 172.10.5.1 tell 172.10.20.101, length
46






-- 
Jim Bucks - IT Director
Colorado Studios <http://www.coloradostudios.com>, Mobile TV
Group<http://www.mobiletvgroup.com>,
HDNet <http://www.hd.net>, AXS.tv <http://www.axs.tv/>
8269 E. 23rd Ave. Denver, CO 80238 Main  303-388-8500
jbucks at coloradostudios.com            Direct 303-542-5520
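
An added example, not part of the original message: a small triage script for the mismatch described above. It reads dhcpd's "Unable to add forward map" lines, collects the zones named reports as loaded, and reports whether each failed name sits inside any of them. The sample log is constructed from lines quoted in the post (unwrapped), and the function names are hypothetical.

```python
import re

# Constructed sample, in the format of the named and dhcpd log lines quoted in the post.
SAMPLE_LOG = """\
Mar 29 08:00:46 dns04 named-sdb[9161]: zone 20.10.172.in-addr.arpa/IN/internal: loaded serial 2013032605
Mar 29 08:00:46 dns04 named-sdb[9161]: zone dhcp.coloradostudios.com/IN/internal: loaded serial 2013032804
Mar 29 08:01:44 dns04 dhcpd: Unable to add forward map from dhcp-172-10-20-101.coloradostudios.com to 172.10.20.101: timed out
Mar 29 08:01:44 dns04 dhcpd: DHCPACK on 172.10.20.101 to 00:0b:cd:33:b6:49 (proccilapxp) via eth1
"""

# "zone <name>/IN[/<view>]: loaded serial N" as logged by named at startup.
ZONE_RE = re.compile(r"named\S*: zone (\S+)/IN(?:/[^\s:]+)?: loaded serial \d+")
# dhcpd's report of a failed forward (A record) update.
FAIL_RE = re.compile(r"dhcpd: Unable to add forward map from (\S+) to (\S+): (.+)$")


def labels(name):
    """Split a DNS name into lower-case labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")


def enclosing_zone(fqdn, zones):
    """Return the longest zone that is a label-wise suffix of fqdn, or None."""
    want = labels(fqdn)
    best = None
    for zone in zones:
        z = labels(zone)
        if len(z) <= len(want) and want[-len(z):] == z:
            if best is None or len(z) > len(labels(best)):
                best = zone
    return best


def triage(log_text):
    """List failed forward updates with the loaded zone (if any) holding each name."""
    zones = set(ZONE_RE.findall(log_text))
    findings = []
    for line in log_text.splitlines():
        m = FAIL_RE.search(line)
        if m:
            name, addr, reason = m.groups()
            findings.append({"name": name, "address": addr, "reason": reason,
                             "zone": enclosing_zone(name, zones)})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        where = f["zone"] or "no zone loaded on this server"
        print(f'{f["name"]} -> {f["address"]} ({f["reason"]}): {where}')
```

A result with no enclosing zone means dhcpd built a name outside every zone this named instance loaded, which is the symptom noted in the message.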