dhcpd.conf for dynamic dns
S Kalyanasundaram
skalyanasundaram at novell.com
Tue Mar 20 06:03:41 UTC 2007
Oh cool now the dhcp talks to dns!. I think while updating the dns there will be some TXT data written in lease file as well. Better delete the lease file and touch it again and try it. ( I hope you are not in the productive environment).
-"kalyan"
>>> On 3/20/2007 at 11:00 AM, in message
<78CDD5837BDAAB44B33AF00D7DFE353F96B57A at MAILSVR.catvmail.local>, "Chow Chi Ho
(FP&HO)" <chchow at cabletv.com.hk> wrote:
> There is a response from dhcp server to dns server after I removing "option
> fqdn.server-update on;"
> and add "ddns-hostname = concat ( suffix .........)); " to the pool.
>
> But I got another problem " if 00e06f584da4.example.com IN A rrset doesn't
> exist add 00e06f584da4.example.com 43200 IN A 10.174.10.10: RRset already
> exists. " , log from dhcp server.
>
> and the dns server " 'rrset does not exist' prerequisite not satisfied
> (YXRRSET) "
>
> any idea ?
>
>
> -----Original Message-----
> From: S Kalyanasundaram [mailto:skalyanasundaram at novell.com]
> Sent: Tuesday, March 20, 2007 1:12 PM
> To: Chow Chi Ho (FP&HO); dhcp-users at isc.org
> Subject: RE: dhcpd.conf for dynamic dns
>
>
> It would be something like "Added forward map hostname.example.com" (and
> with some TXT record info ).
> Check you are sending the host name from the client.
> If the host name is not sent how it will be updated to dns since we have the
> configuration to add it to dns. Anybody anyidea?
>
> thanks,
> -"kalyan"
>
>>>> On 3/20/2007 at 10:16 AM, in message
> <78CDD5837BDAAB44B33AF00D7DFE353F96B563 at MAILSVR.catvmail.local>, "Chow Chi Ho
> (FP&HO)" <chchow at cabletv.com.hk> wrote:
>> only "discover, offer, request and ack" in the dhcp log file.
>> what will be the log looks like if DDNS was worked ?
>>
>>
>> -----Original Message-----
>> From: S Kalyanasundaram [mailto:skalyanasundaram at novell.com]
>> Sent: Tuesday, March 20, 2007 12:12 PM
>> To: Chow Chi Ho (FP&HO); dhcp-users at isc.org
>> Subject: RE: dhcpd.conf for dynamic dns
>>
>>
>> Hmm, I really don't know. The configuration looks fine. But what I would do
>> in this case is I will try to eliminate the problem first.
>> I would try the following configuration first
>>
>> ddns-update-style intrim;
>> ddns-updates on;
>> zone example.com. { primary 192.168.128.40; }
>>
>> subnet 10.0.0.0 netmask 255.0.0.0 {
>> pool { # this ip range will be updated to dns.........but not work
>> range 10.174.10.1 10.174.10.10;
>> ddns-domainname "example.com";
>> ## option subnet-mask 255.255.252.0;
>> }
>> }
>>
>> Then run the dhcpd with -d -f option and query from the client and look for
>> the log entry. If the dhcp says unable to add forward map then there is no
>> problem with dhcp. It tried to contact dns and there will be a corresponding
>
>> entry in dns log as well. And go to dns log find the reason why it fails. If
>
>> the dhcp does not show up any log other than DHCPDicover, dhcpRequest
>> messages then there might be problem in dhcp configuration itself. I will
>> look at the configuration itself again. I remember I have done it earlier.
>>
>> -"kalyan"
>>
>>
>>
>>>>> On 3/20/2007 at 8:57 AM, in message
>> <78CDD5837BDAAB44B33AF00D7DFE353F96B52B at MAILSVR.catvmail.local>, "Chow Chi Ho
>> (FP&HO)" <chchow at cabletv.com.hk> wrote:
>>> Here is my dhcpd.conf
>>> Pls help
>>>
>>> ddns-update-style interim;
>>> ddns-updates on;
>>> zone example.com. { primary 192.168.128.40; }
>>> zone 174.10.in-addr.arpa. { primary 192.168.128.40; }
>>> server-identifier 192.168.128.80;
>>> log-facility local7;
>>> ddns-domainname "example.com";
>>>
>>>
>>> ########option for MTA#######
>>> option space docsis-mta;
>>> option docsis-mta.dhcp-server-1 code 1 = ip-address;
>>> option docsis-mta.dhcp-server-2 code 2 = ip-address;
>>> option docsis-mta.prov-server code 3 = string;
>>> option docsis-mta-encap code 122 = encapsulate docsis-mta;
>>> option docsis-mta.kerberos code 6 = string;
>>>
>>>
>>> ########local subnet declaration#######
>>>
>>> subnet 61.10.0.128 netmask 255.255.255.192 {
>>> option routers 61.10.0.129;
>>> option subnet-mask 255.255.255.192;
>>> }
>>>
>>> subnet 192.168.128.0 netmask 255.255.255.0 {
>>> option routers 192.168.128.254;
>>> option subnet-mask 255.255.255.0;
>>> }
>>>
>>> ########group declaration ########
>>>
>>> group {
>>> next-server 192.168.255.183;
>>> filename "test2.cfg";
>>> option dhcp.bootfile-name "test1.cfg";
>>> host 00e0.6f39.f988 {hardware ethernet 00:e0:6f:39:f9:88;}
>>> }
>>>
>>> group {
>>> next-server 192.168.255.183;
>>> filename "mta_ss1.bin";
>>> option time-servers 192.168.255.185;
>>> option log-servers 192.168.255.192;
>>> option domain-name-servers 192.168.128.40,192.168.128.10;
>>> option domain-name "example.com";
>>> ddns-domainname "example.com";
>>> option host-name = concat (suffix (concat ("0", binary-to-ascii
>
>>
>>> (16, 8, "", substring (hardware, 1, 1))),2),
>>> suffix (concat ("0",
>>> binary-to-ascii (16, 8, "", substring (hardware, 2, 1))),2),
>>> suffix (concat ("0",
>>> binary-to-ascii (16, 8, "", substring (hardware, 3, 1))),2),
>>> suffix (concat ("0",
>>> binary-to-ascii (16, 8, "", substring (hardware, 4, 1))),2),
>>> suffix (concat ("0",
>>> binary-to-ascii (16, 8, "", substring (hardware, 5, 1))),2),
>>> suffix (concat ("0",
>>> binary-to-ascii (16, 8, "", substring (hardware, 6, 1))),2) );
>>> option docsis-mta.prov-server
>>>
>>
> 00:06:77:74:74:73:73:31:04:76:6f:69:70:07:68:6b:63:61:62:6c:65:03:63:6f:6d:02
>>> :68:6b:00
>>> ;
>>> option docsis-mta.kerberos 05:42:41:53:49:43:01:31:00;
>>> host 00e0.6f58.4da4 {hardware ethernet 00:e0:6f:58:4d:a4;}
>>> }
>>>
>>> ########class declaration########
>>>
>>> class "cm" {
>>> match if substring(option vendor-class-identifier,0,6) =
>>> "docsis";
>>> spawn with option agent.remote-id;
>>> default-lease-time 604800;
>>> max-lease-time 604800;
>>> min-lease-time 302400;
>>> option time-offset -10800;
>>> next-server 192.168.255.183;
>>> option tftp-server-name "192.168.255.183";
>>> option time-servers 61.10.1.185;
>>> option log-servers 192.168.255.192;
>>> option domain-name "example.com";
>>> option docsis-mta.dhcp-server-1 192.168.128.80;
>>> option docsis-mta.dhcp-server-2 192.168.128.80;
>>> }
>>> subclass "cm" 00:e0:6f:39:f9:88;
>>>
>>> class "emta" {
>>> match if substring(option
>>> vendor-class-identifier,0,8)="pktc1.0:";
>>> vendor-option-space docsis-mta;
>>> }
>>> subclass "emta" 00:e0:6f:58:4d:a4;
>>>
>>>
>>> shared-network ABCD {
>>> option domain-name "example.com";
>>> option domain-name-servers dns.example.com;
>>> option routers 10.174.0.1;
>>> subnet 10.0.0.0 netmask 255.0.0.0 {
>>> pool {
>>>
>>> option routers 10.174.0.1;
>>> option subnet-mask 255.255.248.0;
>>> option domain-name-servers dns.example.com;
>>> range 10.174.3.3 10.174.3.254;
>>> allow members of "cm";
>>> }
>>> pool { # this ip range will be updated to dns.........but
>
>>
>>> not work
>>> option routers 10.174.8.1;
>>> ddns-domainname "example.com";
>>> option fqdn.server-update on;
>>> option subnet-mask 255.255.252.0;
>>> option domain-name "example.com";
>>> option domain-name-servers dns.example.com;
>>> range 10.174.10.1 10.174.10.10;
>>> allow members of "emta";
>>> ddns-updates on;
>>> }
>>> }
>>> } # end shared-network
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: S Kalyanasundaram [mailto:skalyanasundaram at novell.com]
>>> Sent: Tuesday, March 20, 2007 11:11 AM
>>> To: Chow Chi Ho (FP&HO); dhcp-users at isc.org
>>> Subject: RE: dhcpd.conf for dynamic dns
>>>
>>>
>>> I guess you are expecting the update for some static lease (host
>>> declaration). Static lease wont be updated until "update-static-lease" flag is
>
>>
>>> true. Otherwise you might have forgot to add ddns-domainname option in your
>>> conf file. It would be better if you post your dhcpd.conf file.
>>>
>>> -"kalyan"
>>>
>>>
>>>>>> On 3/20/2007 at 8:29 AM, in message
>>> <78CDD5837BDAAB44B33AF00D7DFE353F96B515 at MAILSVR.catvmail.local>, "Chow Chi Ho
>>> (FP&HO)" <chchow at cabletv.com.hk> wrote:
>>>> I am using the below example but it does not work.
>>>> And there is no traffic from dhcp server to dns server (192.168.128.40) via
>>>> tcpdump.
>>>>
>>>> any idea ?
>>>>
>>>> -----Original Message-----
>>>> From: S Kalyanasundaram [mailto:skalyanasundaram at novell.com]
>>>> Sent: Monday, March 19, 2007 6:59 PM
>>>> To: Chow Chi Ho (FP&HO); dhcp-users at isc.org
>>>> Subject: RE: dhcpd.conf for dynamic dns
>>>>
>>>>
>>>> So you are ready to update dns with out keys. If you are not worried about
>>>> security then yes. You can use it. But make sure in named.conf file in the
>>>> example.com zone you have the statement. "allow-update {any;};"
>>>>
>>>> -"kalyan"
>>>>
>>>>>>> "Chow Chi Ho (FP&HO)" <chchow at cabletv.com.hk> 03/19/07 3:23 PM >>>
>>>> Can I use
>>>>
>>>> ddns-update-style interim;
>>>> zone example.com. {
>>>> primary 192.168.128.40;
>>>> }
>>>> zone .10174.10.in-addr.arpa. {
>>>> primary 192.168.128.40;
>>>> }
>>>>
>>>>
>>>> instead of using KEY ?
>>>>
>>>> -----Original Message-----
>>>> From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org]On Behalf Of
>>>> jgomez at infoweapons.com
>>>> Sent: Monday, March 19, 2007 5:39 PM
>>>> To: dhcp-users at isc.org
>>>> Subject: Re: dhcpd.conf for dynamic dns
>>>>
>>>>
>>>>> Hi all,
>>>>>
>>>>> How can I config dhcpd.conf to enable dynamic dns server update ?
>>>>
>>>> In dhcpd.conf, add the following:
>>>>
>>>> ddns-update-style interim;
>>>>
>>>> key update.1.168.192.in-addr.arpa.
>>>> {
>>>> algorithm hmac-md5;
>>>> secret "TG6KQ9zBEzvGcsWKRO96zA==";
>>>> }
>>>>
>>>> zone 1.168.192.in-addr.arpa
>>>> {
>>>> key update.1.168.192.in-addr.arpa.;
>>>> }
>>>>
>>>>
>>>> Please see attached document for more information...
>>>>
>>>> Cheers;
>>>>
>>>> Jonna
>>>>
>>>>
>>>>
>>>>
>>>> --------
>>>> This email and/or attachments are confidential and may also be
>>>> legally privileged. If you are not the intended recipient, you are
>>>> hereby notified, that any review, dissemination, distribution or
>>>> copying of this email and/or attachments is strictly prohibited.
>>>> Please notify security at infoweapons.com immediately by email and
>>>> delete this message and all its attachments. Thank you.
More information about the dhcp-users
mailing list