dhcp not updating dns server

Glenn Satchell Glenn.Satchell at uniq.com.au
Sat Dec 12 12:13:42 UTC 2009


Hi James

Nice move from MS to Open Source!

There's a couple of things with your config.

The range statement gives the full range of IP addresses to be
allocated. Thus, you should not include addresses in the range that
will be allocated to other devices, or hosts with fixed addresses. So
this is wrong:

	range 192.168.100.0 192.168.101.254;

It should not include the router's address, or the hosts with
fixed-address, or the DNS servers. At least this:

	range 192.168.100.6 192.168.101.254;

The other important gotcha is that a host that is allocated an address
in a host statement does not go through the same processing on the
server as a host that gets a dynamic address. The effect of this is that
no DNS updates are performed for the fixed-address hosts.

There are example DNS configurations in the dhcpd.conf man page, look
for the section titled "DYNAMIC DNS UPDATE SECURITY". The "secondary"
statement is for configuring failover and has nothing to do with DNS.
Due to the way the parser works, it may not throw an error when a
statement appears out of context.

You need to enable logging on the DNS server to see what is happening
there, the default behaviour for BIND and most DNS servers is to
silently ignore updates from a client that is not allowed to do so.

Finally, it is typical to define the host statements in the global
scope, not inside the subnet. There are subtle inheritance rules, and
the global definition is the one you usually want. Defining it in the
subnet scope does not bind it only to that subnet.

regards,
-glenn

>From: James Dinkel <jdinkel at gmail.com>
>Date: Fri, 11 Dec 2009 16:36:27 -0600
>Subject: dhcp not updating dns server
>To: dhcp-users at lists.isc.org
>X-BeenThere: dhcp-users at lists.isc.org
>
> I'm putting in an ISC DHCPD server to replace Microsoft DHCP server
> because it is a pain in the neck managing reserved hosts in Microsoft's
> DHCP.
> 
> Anyway, it won't add the clients that it assigns addresses for to the
> DNS servers. I've set the zones on the dns servers to accept secure and
> non-secure updates, and here is my dhcpd.conf:
> --------------------
> ##### SERVER SETTINGS #####
> 
> ddns-update-style interim;
> ignore client-updates;
> update-static-leases on;
> 
> zone bucoks.com {
> primary 192.168.100.2;
> secondary 192.168.100.3;
> }
> zone 100.168.192.in-addr.arpa. {
> primary 192.168.100.2;
> secondary 192.168.100.3;
> }
> 
> option domain-name "company.com";
> option domain-name-servers 192.168.100.2, 192.168.100.3;
> 
> # 8-day leases
> default-lease-time 69102;
> 
> # disable bootp
> deny bootp;
> #deny dynamic bootp clients;
> 
> ##### SUBNET SETTINGS #####
> 
> subnet 192.168.100.0 netmask 255.255.254.0 {
> option routers 192.168.100.1;
> option subnet-mask 255.255.254.0;
> 
> range 192.168.100.0 192.168.101.254;
> 
> host server1 {
> option host-name "server1.company.com";
> hardware ethernet 00:XX:XX:XX:XX:XX;
> fixed-address 192.168.100.4;
> } # end of host
> 
> host server2 {
> option host-name "server2.company.com";
> hardware ethernet 00:XX:XX:XX:XX:XX;
> fixed-address 192.168.100.5;
> } # end of host
> 
> } # end of subnet
> --------------------

> I can't find anything about even attempting to update dns in the logs, just
> that the dhcp addresses were requested and acknowledged, and all static and
> dynamic clients are getting addresses just fine.
> 
> Any ideas? I'm not even sure if it's really not even trying to do the dns
> updates or if I just need to set something to get some better logging?  A
> tcpdump shows that the dhcp server is not even attempting any communication
> with the dns server.
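
Added example, not part of the original thread and not ISC's own code: a small Python check for the range advice in the reply above, flagging router, DNS server, fixed-address, network and broadcast addresses that fall inside a range statement. The sample configuration is constructed from the quoted one and the function names are hypothetical; it assumes two-address range statements and literal IPv4 addresses.

```python
import ipaddress
import re

# Constructed sample, trimmed from the configuration quoted in the thread.
SAMPLE_CONF = """
option domain-name-servers 192.168.100.2, 192.168.100.3;
subnet 192.168.100.0 netmask 255.255.254.0 {
  option routers 192.168.100.1;
  range 192.168.100.0 192.168.101.254;
  host server1 { fixed-address 192.168.100.4; }  # end of host
  host server2 { fixed-address 192.168.100.5; }  # end of host
}
"""

IP = r"(\d{1,3}(?:\.\d{1,3}){3})"

def reserved_addresses(conf):
    """Map each address that must stay out of a dynamic range to its role."""
    reserved = {}
    for keyword, role in (("fixed-address", "fixed-address host"),
                          ("option routers", "router"),
                          ("option domain-name-servers", "DNS server")):
        for stmt in re.findall(re.escape(keyword) + r"\s+([^;]+);", conf):
            for addr in re.findall(IP, stmt):
                reserved[ipaddress.ip_address(addr)] = role
    # The subnet's own network and broadcast addresses are never leasable.
    for net, mask in re.findall(r"subnet\s+" + IP + r"\s+netmask\s+" + IP, conf):
        network = ipaddress.ip_network(f"{net}/{mask}")
        reserved[network.network_address] = "network address"
        reserved[network.broadcast_address] = "broadcast address"
    return reserved

def range_conflicts(conf):
    """Return sorted (address, role) pairs that fall inside any range."""
    conf = re.sub(r"#.*", "", conf)  # drop comments before matching
    reserved = reserved_addresses(conf)
    hits = set()
    for low, high in re.findall(r"\brange\s+" + IP + r"\s+" + IP + r"\s*;", conf):
        lo, hi = ipaddress.ip_address(low), ipaddress.ip_address(high)
        hits.update((a, r) for a, r in reserved.items() if lo <= a <= hi)
    return [(str(a), r) for a, r in sorted(hits)]

if __name__ == "__main__":
    for addr, role in range_conflicts(SAMPLE_CONF):
        print(f"{addr} ({role}) is inside a dynamic range")
```

Run against the quoted range it reports six conflicts; with the range starting at 192.168.100.6 it reports none.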
